Categories
Uncategorized

How to filter Rsyslog logs by IP address and avoid duplicates

Store and stop processing specific log.

To filter logs from certain IP addresses, save in /var/log/zone_a.log file, and then stop processing them to omit duplicates.

:fromhost-ip, contains, "10.200.35." /var/log/zone_a.log
& ~