I am trying to setup a syslog rule that will email me all syslogs from a set of hosts except messages with a specific text string in the syslog message body. I have been able to get the rule setup, but I can’t figure out how to exclude those messages with that specific string. It doesn’t look like the Syslog Message Pattern box accepts any specific syntax to exclude a string. I have looked through the help and thwack and can’t find anything about this. Has anyone tried to do something like this before?