Re: [logs] Log Samples Requested

• Previous message: Safier, Adam *: "RE: [logs] Log Samples Requested"
• Maybe in reply to: Rainer Gerhards: "[logs] Log Samples Requested"
• Next in thread: Rainer Gerhards: "RE: [logs] Log Samples Requested"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

What about sites like ours that use a different syslog output format?

We're running regionalized syslog servers in several different countries,
so use syslog-ng with a different template to produce syslog output.
i.e. ours looks like (one long line):

2004-03-13T19:20:07+0000 server.name mail info qmail-scanner[663]:
Clear:RC:0(1.2.3.4):SA:1(9.8/5.0): 1.389811 3268 BOSHOUNVLP@private
sdsdsddds@private high_quality_rolex_watches_discount_prices
<YQIPGIVOFXZHDYSGTYCTSGJCB@private> 1079205606.675-0.server.name:2235
orig-server.name1079205606470663:3268
That's 'template("$R_ISODATE $HOST $FACILITY $PRIORITY $MSG\n")' in
syslog-ng speak...
Jason


_______________________________________________
LogAnalysis mailing list
LogAnalysis@private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: Adrian Grigorof: "Re: [logs] Log Samples Requested"
• Previous message: Safier, Adam *: "RE: [logs] Log Samples Requested"
• Maybe in reply to: Rainer Gerhards: "[logs] Log Samples Requested"
• Next in thread: Rainer Gerhards: "RE: [logs] Log Samples Requested"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Mar 13 2004 - 11:28:59 PST