rule "ignorelogs"
when
has_field(“level”) && to_string($message.level) == "5"
then
drop_message();
end
i create this rules to drop message that contain level 6 but nothing change could you help me ??
You wrote “level 6”, but your rule checks for level == “5”.
even i change it nothing change
Please provide some example messages and more details about your setup.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.