[syslog-ng]Syslog messages are getting combined...
Steffen Voigt
svoigt@foni.net
Thu, 26 Apr 2001 20:02:17 +0200
Hi Joshua,
I installed the lastest version of syslog-ng on our central loghost last days.
I have the same problem. Our firewall logs get meshed with the Catalyst Logs
etc.
Well... I havent figured out the error yet, but I think there may be a problem
when u use same filters for different sources (What we do.. cos the Cisco IOS
Msg'es are all the same :-)
We do a first a hostcheck [ host("hostname") ] and then a contentcheck [
match("<cisco-msg'es>") ].
If this all doesnt match the stuff goes into the DEFAULT log file.
Gotta investigate it tomorrow :)
Bye
"Scott, Joshua" wrote:
> Has anyone ever had an issue where sometimes you get the information from
> one syslog message combined with another syslog message? Every one in a
> while I get some of my firewall syslog messages combined with messages from
> my DNS servers. This causes my scripts to fail since there is invalid data
> in the log message. Can anyone shed some light for me? Thank you very
> much!
>
> Joshua Scott
> Jacobs Engineering
>
> _______________________________________________
> syslog-ng maillist - syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng