OS: SLes 11 sp4

syslog-ng: syslog-ng-2.0.9-27.34.39.2

 

Hi,

syslog-ng is configured to read from a application log file and then send it to another file in /var/log (tcpdump is not installed, I cant install it on a blackbox so this is how I test my config)

I have the following in my syslog-ng configuration file:

source ESRS {

file("/opt/esrsve/gateway/xGate.log");

};

 

destination esrsfile{ file("/var/log/max.log" );};

 

 

 

log { source(ESRS);

destination(esrsfile);

};

The problem I am seeing is that when syslog writes to the outputfile (esrsfile) it truncatedthe lines.

ex: Source File : [ 0, 6, 1, 1007] 08-29-2016 13:56:28.703 IMPORTANT INFO EDDEMC: Data Item::PMStatus Current Value::Offline

And the destination file looiks like this:

... ...

Aug 29 14:00:02 hostname C

Aug 29 14:00:02 hostname u

Aug 29 14:00:02 hostname r

Aug 29 14:00:02 hostname r

Aug 29 14:00:02 hostname e

Aug 29 14:00:02 hostname n

Aug 29 14:00:02 hostname t

Aug 29 14:00:02 hostname

Aug 29 14:00:02 hostname V

Aug 29 14:00:02 hostname a

Aug 29 14:00:02 hostname l

Aug 29 14:00:02 hostname u

Aug 29 14:00:02 hostname e

Aug 29 14:00:02 hostname :

Aug 29 14:00:02 hostname :

Aug 29 14:00:02 hostname O

Aug 29 14:00:02 hostname f

Aug 29 14:00:02 hostname f

Aug 29 14:00:02 hostname l

Aug 29 14:00:02 hostname i

Aug 29 14:00:02 hostname n

Aug 29 14:00:02 hostname e

... ...

What am I doing wrong here?

 

 

Thanks much!

 

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq