Hi Gerardo,

I understand that you would like to sort your syslog messages by the severity value.

With the most popular Unix syslog server it's very easy to make different log files. With Linux BSD syslog it's similar to:

    *.emerg    /var/log/emerg
    *.alert    /var/log/alert
    ...

(Don't forget to rotate these new log files with logrotate.)

If you would like to store these fields in the log line, I only know one syslog server that does this: nsysgld. This syslog server stores a 2-char field with the priority (number) and the facility (char):

    Sep 28 09:15:58 6A:syslog.src kernel: ...

On Wed, 28 Sep 2005 08:50:07 -0600, Gerardo Amaya wrote
> Hello all. I've been trying to analyze syslog messages from
> Watchguard and NetScreen boxes. I'm trying to parse the content. I
> can get a lot of values from the messages, but the value that I can't
> find anywhere is the severity (not even the facility). The content of
> the message is very rich, but I have not figured out how to get the
> severity. I see that syslog messages from both boxes start with
> <digit>; is that the severity and the facility? Where can I find these
> values?
>
> Thanks in advance
>
> Gerardo Amaya
> _______________________________________________
> LogAnalysis mailing list
> LogAnalysis@private
> http://lists.shmoo.com/mailman/listinfo/loganalysis

--
Daniel San Miguel Reyero
d (a) downby · net
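Added example, not part of the original thread: in BSD syslog (RFC 3164) the leading `<digit>` asked about above is the PRI value, equal to facility * 8 + severity. The Python sketch below decodes it and buckets raw messages by severity; the function names and sample lines are constructed for illustration, and the labels for facilities 12 to 15 are informal.

```python
import re

# Index = numeric code from RFC 3164; names follow common syslog.conf keywords.
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]

PRI_RE = re.compile(r"^<(\d{1,3})>")
MAX_PRI = 23 * 8 + 7  # highest facility with lowest-urgency severity = 191


def decode_pri(raw):
    """Return (facility, severity, rest) or None if no valid <PRI> prefix."""
    m = PRI_RE.match(raw)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > MAX_PRI:
        return None  # out of range: treat as malformed, do not guess
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7], raw[m.end():]


def split_by_severity(lines):
    """Group raw messages by severity name; bad prefixes go to 'unparsed'."""
    buckets = {}
    for line in lines:
        decoded = decode_pri(line)
        key = decoded[1] if decoded else "unparsed"
        buckets.setdefault(key, []).append(line)
    return buckets


# Constructed sample datagrams (not real device output).
SAMPLE = [
    "<134>Sep 28 09:15:58 fw1 firewalld: allow tcp 10.0.0.5 -> 10.0.0.9",
    "<132>Sep 28 09:16:02 fw1 firewalld: deny udp 10.0.0.7 -> 10.0.0.9",
    "<0>Sep 28 09:16:10 fw1 kernel: panic",
    "Sep 28 09:16:11 fw1 message relayed without a priority",
    "<999>bogus priority",
]

if __name__ == "__main__":
    for severity, msgs in split_by_severity(SAMPLE).items():
        print(severity, len(msgs))
```

The PRI is only present in the raw datagram as sent on the wire; most syslog daemons strip it before writing the line to a file, which is why it does not appear in ordinary log files.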