diff --git a/10-syslog(test).conf b/10-syslog(test).conf index ecbf3542ac1c9e69d866ad3d0011b050b750dab9..46f821376e95c8a70e39fe40e2ad67177b60a7e4 100644 --- a/10-syslog(test).conf +++ b/10-syslog(test).conf @@ -1,18 +1,17 @@ filter { if [type] == "syslog" { - #for multiple pfSense - #if [host] => ["192.168.0.1", "192.168.50.1", "192.168.100.1"] #change to pfSense ip address if [host] =~ /192\.168\.1\.1/ { mutate { add_tag => ["PFSense", "Ready"] } } - #if [host] =~ /192\.168\.100\.1/ { - # mutate { - # add_tag => ["PFSense#2", "Ready"] - # } - #} +#For Multiple pfSense's, use the following, repeat as needed +# if [host] =~ /192\.168\.100\.1/ { +# mutate { +# add_tag => ["PFSense", "Ready"] +# } +# } if "Ready" not in [tags] { mutate { add_tag => [ "syslog" ]