Hello there,
I am runing syslog-ng 3.2.5 on a centos 6.10 server, the log
server. Here we have 30 clients sending log via rsyslog to
the log server. At the log server each one of them have its
own log according to the host name. This operation works
just fine. Now my manager ask me to remove some parts of the
log, so the final log size will be smaller. At the log
server I tried use rewrite and unset to suppress some parts
of the log but it does not work, with the error : Plugin
module not found in 'module-path';
module-path='/lib64/syslog-ng', module='rewrite'
This is the config on log server for each one of the
clients.
filter f_client_serv01 { host( "client_serv01" ); };
destination d_client_serv01 {
file("/var/log/client_serv01.log" perm(0644) owner(root)
group(root) ); };
log { source(s_net); filter(f_client_serv01);
destination(d_client_serv01); };
This is the log
Oct 2 19:07:04 client_serv01 kernel: IN=rdc1 OUT=
MAC=00:50:da:6f:0a:54:ec:08:6b:7f:d5:cb:08:00 SRC=10.1.16.35
DST=xxx.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=63
ID=27903 DF PROTO=TCP SPT=40917 DPT=443 WINDOW=65535
RES=0x00 SYN URGP=0
rewrite r_rewrite_unset{
unset(value("WINDOW"));
};
rewrite r_rewrite_subst{
subst("WINDOW", " ", value("MESSAGE"), flags("global"));
};
Does anyone have a tip to try to solve this?
Thanks for help.
Have a nice day!
--
Para contato ou solicitações utilize nosso canal de
atendimento via Suporte Técnico através
de nossa central 24H via tel.:(21) 2538-8400 ou através
do email: suporte@mls.com.br
Atenciosamente,
João Tiago Braz | Aux. Sistemas
Operação
21 2538-8400 | 21
3923-5000
operacoes@mls.com.br