[syslog-ng]Null characters with PIX and Syslog-ng-1.6.Orc4

[Bill Miller]

Hi,

More of an observation than a cry for help...

I had a problem grepping for information in my syslog-ng logs from PIX's.=
 After alot of investigation I found a null character sitting (invisibly)=
 at the end of the time field - /usr/bin/grep will not look past the null=
 character. The PIXs timestamp the syslog message (in this case - not by =
default) and I could not see a syslog-ng configurable cause of this. So l=
ike the coward I am ;) I uninstalled 1.6 and went back to 1.4.17 - which =
did not have the problem.

So really this is just a heads up for anyone seeing the same issue and ma=
ybe if anyone knows the cause and/or knows the fix. As long as you don't =
have to spend all morning trying to fix grep...If you think you might hav=
e this the command to check for null characters is
cat <file> | perl -nge 's/\000/XXX/g'=20
- XXX marks the spot. Probably can do it in sed or tr as well.

Best Regards


Bill Miller
Internet Security Architect

Energis


********************************************************

This e-mail is sent by Energis Communications Limited and its contents ar=
e
confidential and may be legally privileged.

********************************************************