Sun now has a Message ID in their syslogs for Solaris 8. On a Solaris 8 machine, do a man msgid for more information. I'm not sure if posting excerpts from a Sun man page is okay, so I'll leave that up to the readers. -- Brian Birkinbine <bbirkinbineat_private> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x37D55FF6 On Wed, Jan 09, 2002 at 09:57:09AM -0500, Marcus J. Ranum wrote: > I'm working on a sort of syslog parser thingie that will be released in > a couple months. It's rule-driven and can pretty much consume anything > you throw at it (so far, anyhow...) - and of course I'm bumping up against > the numerous incompatibilities of various syslog message formats. > Does anyone have any notes on the various syslog header layouts > that are out there in the wild? I'm mostly interested in the various > > dd/mm/yy host: program[pid] > dd/mm host: program: > > type stuff. Less interested in the message contents - that's another > problem for another day. :) > > Off-topic: whatEVER were they thinking when they didn't include the > _year_ in syslog messages? Eesh... > > mjr. --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Jan 09 2002 - 08:03:58 PST