Hi All,

I have a vendor who has implemented their syslog message with a year in the date field e.g. Apr 15 10:06:19 2005

The vendor believes this to be a correct interpretation of the RFC (it's wrong if you read the next two paragraphs in the RFC) and will not change their software.

Has anyone got any ideas on how I can kill the year field so I can use standard reporting/filtering tools?

--
Michael Gehrmann
Security Administrator
Education Qld Facilities Management Office
Ph. (07) 322 22889 Fax. 07 322 22868

On Wed, 2006-01-04 at 14:31 +1000, Michael Gehrmann wrote:
> I have a vendor who has implemented their syslog message with a year in the date field e.g. Apr 15 10:06:19 2005
> The vendor believes this to be a correct interpretation of the RFC (it's wrong if you read the next two paragraphs in the RFC) and will not change their software.
> Has anyone got any ideas on how I can kill the year field so I can use standard reporting/filtering tools?

syslog-ng could be patched to support this timestamp and then generate a timestamp on its own as per syslog-ng's settings. The proper place is log.c, parse_log_msg() in syslog-ng 1.6.x and log_msg_parse() in logmsg.c in syslog-ng 1.9.x.

--
Bazsi

participants (2): Balazs Scheidler, Michael Gehrmann
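
The thread asks how to drop the vendor's extra year, and the reply points at the timestamp-parsing step as the place to handle it. As an added example (not syslog-ng's code and not written by either poster), this C function shows the check a patch or pre-filter at that step would need: recognise the 15-character RFC 3164 timestamp, then remove a four-digit year only when it follows as its own token. The names `is_rfc3164_ts` and `strip_syslog_year` are hypothetical, and the year is assumed to sit directly after the time, as in the message quoted above.

```c
#include <ctype.h>
#include <string.h>

/* Returns 1 if s starts with an RFC 3164 timestamp "Mmm dd hh:mm:ss". */
static int is_rfc3164_ts(const char *s)
{
    static const char months[] = "JanFebMarAprMayJunJulAugSepOctNovDec";
    /* A = month letter, d = digit, p = digit or space pad, else literal */
    static const char tmpl[] = "AAA pd dd:dd:dd";
    int i, found = 0;
    if (strlen(s) < 15)
        return 0;
    for (i = 0; i < 36; i += 3)
        found |= (strncmp(s, months + i, 3) == 0);
    for (i = 3; found && i < 15; i++) {
        unsigned char c = (unsigned char)s[i];
        if (tmpl[i] == 'd')
            found = isdigit(c) != 0;
        else if (tmpl[i] == 'p')
            found = isdigit(c) || c == ' ';
        else
            found = (c == (unsigned char)tmpl[i]);
    }
    return found;
}

/* Hypothetical helper (added example, not syslog-ng code): removes " YYYY"
 * right after the timestamp, in place. Returns 1 if a year was removed. */
int strip_syslog_year(char *msg)
{
    char *p = msg, *y;
    int i;
    if (*p == '<') {                    /* optional <PRI> prefix, 1-3 digits */
        for (i = 1; i <= 3 && isdigit((unsigned char)p[i]); i++)
            ;
        if (i == 1 || p[i] != '>')
            return 0;
        p += i + 1;
    }
    if (!is_rfc3164_ts(p) || p[15] != ' ')
        return 0;
    y = p + 15;                         /* points at the space before YYYY */
    for (i = 1; i <= 4; i++)
        if (!isdigit((unsigned char)y[i]))
            return 0;
    if (y[5] != ' ' && y[5] != '\0')    /* year must be a whole token */
        return 0;
    memmove(y, y + 5, strlen(y + 5) + 1);
    return 1;
}
```

Messages that already carry a standard timestamp are returned unchanged, so the function can be run over a mixed feed; a host whose name is exactly four digits would be misread as a year under this assumption.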