Filtering the log file for comment lines
The event log file for Microsoft ISA or Microsoft TMG might contain comment markers. Comments must be filtered from the event message.
From the Start menu, select .
The Syslog-ng Agent window is displayed.
- Expand the Syslog-ng Agent Settings pane, and select Destinations.
Right-click on your IBM®
Syslog destination and select .
The Global event filters Properties window is displayed.
Configure the following values:
- From the Global file filters pane, select Enable.
- From the Filter Type pane, select Black List Filtering.
- Click OK.
From the Filter List menu, double-click Message
The Message Contents Properties window is displayed.
- From the Message Contents pane, select Enable.
In the Regular Expression field, type the following regular
- Click Add.
Click Apply, and then click OK.
The event messages with comments are no longer forwarded.Note: You might need to restart Syslog-ng Agent for Windows service to begin syslog forwarding. For more information, see your BalaBit Syslog-ng Agent documentation.