Hey Bazsi, Thanks for the quick reply, great job/service. Unforturnately it still doesnt work with the config i pasted: -- Jan 19 13:13:45 <hostname> : Jan 19 13:13:44: %SYS-5-CONFIG_I: Configured from console by <username> on vty0 (<ip>) -- Martin 2010/1/19 Balazs Scheidler <bazsi@balabit.hu>
On Tue, 2010-01-19 at 11:08 +0100, Marty Sørensen wrote:
Hello ....
New user to syslog-ng but still hoping someone can help me with a small config example
Im forwarding syslog from my syslog-ng but when it arrives it has double timestamps/hostname: -- Jan 19 11:02:58 cut-hostname 10.229.5.2 32176: Jan 19 11:02:57: % SFF8472-5-THRESHOLD_VIOLATION --
Your Cisco gear is including sequence number in the timestamp which syslog-ng doesn't recognize.
That's the "32176: " prefix before the 2nd timestamp. If you disable that, it'll work.
I'm planning to add support for this field in the future.
-- Bazsi
______________________________________________________________________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng FAQ: http://www.campin.net/syslog-ng/faq.html