Good day,

 

We are evaluating syslog-ng Premium using the Windows Agent sending syslogs back to a client on Linux. Everything was working fine for about a week. Now anytime a message is sent from the agent, it shows up on the receiving end as “[kern] [emerg] Jul  9 10:32:38 <IP Address> <server name> --- MARK ---“, where MARK is actually in the message field. The messages should be coming in as local6/notice instead of kern/emerg. Everything seems to be setup correctly on the Windows agent. We have tried restarting the agent to no avail. The windows server shows nothing in the event log for the time that the MARK message comes across.

 

If anyone has any insight into this problem, please let me know.

 

Thanks.

 

Steve

 

-------------

Steve Lee

Technical Operations Center

University Technology Services

Emory University

-------------

 


This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.

If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).