Filter messages based on host name in KSS NG
Use the Host name filter to include or exclude messages in the filter based on the host name of the sending device. Only messages from the host you include trigger the actions in the associated rule.
If a rule does not contain a Host name filter, Kiwi Syslog Server NG includes all hosts by default.
- From the Kiwi Syslog NG navigation bar, choose Setup > Rules.
- Locate an existing rule. If the rule does not exist, add a rule and start the New Rule wizard.
- If you are adding a filter to an existing rule, select the rule and click Edit. If you are creating a new rule, navigate to the Filters step of the New Rule wizard.
- Click Add filter. Define the filter name in the provided field.
-
In the Field drop down, select Host name.
- Select an option from the Filter Type drop down menu and specify the host names.
- If you are adding a filter to an existing rule, click Apply. If you are creating a filter in the New Rule wizard, click Add.
| Simple |
Enter host names to include in the filter. There is an OR operator between the host names. Messages from any of these hosts are included. For example, a message is included if the IP address of the sending device is
Check the Substring search box if you want the filter to include the IP address as a substring of another IP address. A substring search returns TRUE if the string is anywhere in the message. |
| Complex |
Enter the host names to include or to exclude in the filter. There is an OR operator between host names on the same line. Messages are included or excluded if they are sent from any of the hosts on the line. For example, a message is excluded if the IP address of the sending device is
|
| RegExp |
Enter regular expressions to specify the host names to include or exclude in the filter. |
