On Mon, 2004-08-09 at 15:20, Paul Mindeman wrote:
Running sylog-ng 1.6.4 on Solaris 9
Log entries from my UNIX devices log fine. Log entries from my Netscreen devices seem to be missing the end of line terminator, as the entries run together in the log file. The default syslog daemon was able to handle these entries fine. Any ideas on how to fix this?
The options in the syslog-ng.conf file are:
options { sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (off); use_dns (no); use_fqdn (no); create_dirs (no); keep_hostname (yes); };
Can you give me an tcpdump snippet to see how a netscreen log message is formatted? Please make sure that you snap the complete packet (-s option). tcpdump -xXpeni ethX port 514 and udp should do the trick. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1