client_ip == "192.168.1.10"
filterrecords - Choose which records you want
A record stream.
Records that match the filter rule is send to this stream.
Records that do not match the filter rule is send to this stream.
This tool matches a record against a filter rule. If the record matches it will be output as Accepted, otherwise it will be output as Rejected.
The rules are small programs that has the form:
<field name> <comparison operator> <value>
[(] <basic form> <logical operator> <basic form> [)]
The following operators are available:
==, !=, like, nlike, >, <, contains, contains_case.
and, or.
|
Note
|
Logical operators are left associative. If right associativeness is desired it can be obtained with the optional parenthesis; see EXAMPLES section. |
client_ip == "192.168.1.10"
All records where field client_ip has value 192.168.1.10 will be output as Accepted. If the IP address is different from 192.168.1.10 the record will be output as Rejected.
Internally IP addresses are stored as integers, but in filter rules the dotted quad notation is used.
|
Note
|
Use == not =. |
|
Note
|
Values must be enclosed by double quotes ("…"). |
Rules can be complex:
host like "*somedomain.com" and (uri nlike "*.gif" and uri nlike "*.jpg")
This example will accept all records where field host contains the value "somedomain.com" but only if the uri does not contain ".gif" or ".jpg" — i.e. you do not want to store records that originate from a picture request.
|
Note
|
* is a wild-card and can be used with the (n)like operator. |
server_ip > "192.168.1.0" and server_ip < "192.168.1.11"
This rule will output records with field server_ip in the range "192.168.1.1" to "192.168.1.10" as Accepted.
The filter string.