18 May 2020, 3:15 a.m.
I am trying to ingest logs from a Check Point firewall over a TCP connection:

source s_checkpoint {
    network(
        transport("tcp")
        flags(no-multi-line)
        port(2514)
        keep-alive(yes)
        flags(syslog-protocol)
    );
};
# added flags(syslog-protocol) at the suggestion of the Check Point docs for syslog-ng

destination d_debug {
    file( "/data/russell//test.log" );
};

log {
    source( s_checkpoint );
    destination( d_debug );
};

This is what turns up in the output:

May 18 12:10:42 secmgrprd02 syslog-ng[1555]: Error processing log message: <134>1 2020-05-17T23:33:27Z smartlog01 CheckPoint 25651 -…..

Any ideas on what is going on or how to find out?

Russell