[syslog-ng]Can I prevent syslog-ng from prepending logs from other servers?
Victor Barahona
victor.barahona@uam.es
Tue, 19 Dec 2000 17:20:41 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tuesday 19 December 2000 13:25, you wrote:
>William Yodlowsky on Mon, Dec 18, 2000 at 11:34:34PM -0500:
>> On Mon, Dec 18, 2000 at 05:09:20PM -0600, Matt Mencel wrote:
>
>Hi,
>
>> > I am recieving web and ftp logs from another machine on my central
>> > logging machine. Syslog-ng prepends the logs with a bunch of
>> > information that I don't need and it prevents Analog and Webalizer
>> > from parsing the logs correctly. Is there a way to tell syslog-ng
>> > not to prepend this information
>> > to certain logs? Thanks.
>
>the main reason why you have replaced your original syslog are
>advanced filtering capabilities .. use them :)
William, I think you missunderstand the question from Matt.
The problem is that this is a normal (local) syslog message:
Tue Dec 19 16:18:14 2000 17 saraksh.alkar.net 65536 /ftp/data/fgf092.zip b
_ o a Squid@ ftp 0 * i
This is the same in the log-server from syslog-ng:
Dec 19 16:18:20 local@limonero/limonero ftpd[3065]: [ID 735137
daemon.info] xferlog (send): 25 saraksh.alkar.net 65536
/ftp/data/fgf092.zip b _ o a Squid@ ftp 0 * i
When a program that parse those logs for statistic purpose (as webalizer)
its fail because the logs are not in the format the webalizer expect.
I save the problem pre-processing the logs whith a script that write them
in the right format in another file and then pass it to webalizer.
¿What are the reason because the syslog-ng use another different format in
their logs?
Sorry for my english.
Victor.
- --
"Alone? you are not alone, Bigbrother is watching you"
- ------------------------------------------------------------------------
Soporte Seguridad en red........................http://www.utc.uam.es/ss
Unidad Tecnica de Comunicaciones...................http://www.utc.uam.es
Universidad Autonoma de Madrid.........................http://www.uam.es
Tlf.- 91 397 5525 PGP ID-0x8750AB79
- ------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i
iQA/AwUBOj+K2UoW8ByHUKt5EQLUiACeLUHqXJGmeFylJlX0+RpuTo0B830AoLwN
3kG3ooRAuqnI8sYzjEmMnQkv
=iEb4
-----END PGP SIGNATURE-----