Hello, I'm working on a Splunk dashboard for our NG PE servers. Looking at the stats from the output of /opt/syslog-ng/sbin/syslog-ng-ctl stats, this one has me puzzled: src.program,,49587758,d,processed,1 I don't know what "program" means as well as the 3rd column. I understand the remaining columns. What do they mean? Thanks! Regards, Mark Schoonover - KA6WKE Infrastructure Engineering Manager, Splunk Architect ENE : Tools, Instrumentation and Common Services Team Office: 32.8697° N, 116.9711° W Phone : 770-261-7934 Email : mark.schoonover@cigna.com<mailto:mark.schoonover@cigna.com> HPSM Team: ENE NMS Engineering Confidential, unpublished property of CIGNA. Do not duplicate or distribute. Use and distribution limited solely to authorized personnel. ¬© Copyright 2017 CIGNA ------------------------------------------------------------------------------ CONFIDENTIALITY NOTICE: If you have received this email in error, please immediately notify the sender by e-mail at the address shown. This email transmission may contain confidential information. This information is intended only for the use of the individual(s) or entity to whom it is intended even if addressed incorrectly. Please delete it from your files if you are not the intended recipient. Thank you for your compliance. Copyright (c) 2017 Cigna ==============================================================================
Hi, Your stats level is probably set to 3, which means that we keep a counter for each $PROGRAM field that we receive. Sometimes parsing the program name field fails or it contains a Cisco style sequence number. Hope this helps, PS: if this is a PE version, you might want to contact the official support as well. On Oct 31, 2017 21:34, "Schoonover, Mark E HHHH" <Mark.Schoonover@cigna.com> wrote:
Hello,
I’m working on a Splunk dashboard for our NG PE servers. Looking at the stats from the output of /opt/syslog-ng/sbin/syslog-ng-ctl stats, this one has me puzzled:
src.program,,49587758 <(49)%20587%20758>,d,processed,1
I don’t know what “program” means as well as the 3rd column. I understand the remaining columns. What do they mean?
Thanks!
Regards,
Mark Schoonover – KA6WKE
Infrastructure Engineering Manager, Splunk Architect
ENE : Tools, Instrumentation and Common Services Team
Office: 32.8697° N, 116.9711° W
Phone : 770-261-7934
Email : mark.schoonover@cigna.com
*HPSM Team: ENE NMS Engineering*
*Confidential, unpublished property of CIGNA. Do not duplicate or distribute. Use and distribution limited solely to authorized personnel. © Copyright 2017 CIGNA*
------------------------------------------------------------ ------------------ CONFIDENTIALITY NOTICE: If you have received this email in error, please immediately notify the sender by e-mail at the address shown. This email transmission may contain confidential information. This information is intended only for the use of the individual(s) or entity to whom it is intended even if addressed incorrectly. Please delete it from your files if you are not the intended recipient. Thank you for your compliance. Copyright (c) 2017 Cigna ============================================================ ==================
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (2)
-
Scheidler, Balázs
-
Schoonover, Mark E HHHH