How can I get logs without date,time hostname and facility ?
ok I have correct this line in my syslog-ng.conf destination hosts { file("/var/log/hosts/$HOST/$FACILITY/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" template("$MSG\n") owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); }; and now log looks like this squid: 1033739673.117 10818 192.168.1.29 TCP_REFRESH_MISS/200 19595 GET http://lists.balabit.hu/pipermail/syslog-ng/ - DIRECT/62.80.73.147 text/html squid: 1033739687.778 3124 192.168.1.29 TCP_MISS/200 180 GET http://216.239.33.102/search? - DIRECT/216.239.33.102 text/html I need exclude word "squid" from logs, it need for SQRMGLOG. It doesn't work correctly with this log How ????????? Alexander Chernyh Network Administrator The Publishing House "Galitsky Kontrakty" http://www.gc.lviv.ua E-mail: alexch@gc.lviv.ua CHA-UANIC: http://uanic.com.ua ICQ 108387628
On Fri, Oct 04, 2002 at 05:02:38PM +0300, alexch wrote:
ok I have correct this line in my syslog-ng.conf
destination hosts { file("/var/log/hosts/$HOST/$FACILITY/$MONTH/$DAY/$FACILITY$YEAR$MONTH$DAY" template("$MSG\n") owner(root) group(root) perm(0600) dir_perm(0700) create_dirs(yes)); };
and now log looks like this
hmm.. $MSG automatically includes the programname, as it cannot be separated from the main part of the message in all cases. the program doesn't have to send those programname tags, so try stripping them off in the send side. -- Bazsi PGP info: KeyID 9AF8D0A9 Fingerprint CD27 CFB0 802C 0944 9CFD 804E C82C 8EB1
participants (2)
-
alexch
-
Balazs Scheidler