[syslog-ng]line end
Balazs Scheidler
syslog-ng@lists.balabit.hu
Wed, 13 Oct 2004 18:02:22 +0200
On Wed, 2004-10-13 at 15:11, Thomas Richter wrote:
> Hi Balazs Scheidler <bazsi@balabit.hu>,
> you wrote on Wednesday, 2004-10-13 12:11:51 +0200:
> > can you post a complete example? I'd put it into my regression testing
> > suite.
>
> I hope you mean this:
>
> Oct 8 19:40:25 shodan isdnlog:
> Oct 08 19:40:25 shodan tei 69 calling ? () with T-Easy 520 HLC: CCITT, Telefonie <30>Oct 8 19:40:33 isdnlog:
> Oct 08 19:40:33 shodan 69 calling ? () with T-Easy 520 Normal call clearing (User) <30>Oct 8 19:40:34 isdnlog:
> Oct 08 19:40:33 shodan 69 calling ? () with T-Easy 520 HANGUP <4>Oct 8 19:40:35 kernel: SuSE-FW-DROP-DEFAULT IN=ppp0 OUT= MAC= SRC=80.134.
> 250.29 DST=80.134.188.162 LEN=52 TOS=0x00 PREC=0x00 TTL=124 ID=22072 DF PROTO=TCP SPT=3629 DPT=135 WINDOW=32767 RES=0x00 SYN URGP=0 OPT (020
> 405A00103030001010402)
> Oct 8 19:40:40 shodan isdnlog:
> Oct 08 19:40:40 shodan tei 69 calling ? () with T-Easy 520 HLC: CCITT, Telefonie <30>Oct 8 19:40:46 isdnlog:
> Oct 08 19:40:46 shodan 69 calling ? () with T-Easy 520 Normal call clearing (User) <30>Oct 8 19:40:47 isdnlog:
> Oct 08 19:40:47 shodan 69 calling ? () with T-Easy 520 HANGUP <78>Oct 8 19:41:00 /USR/SBIN/CRON[16714]: (root) CMD (/usr/bin/vnstat -u -i
> ppp0)
not completely. I'd need a single, but complete log line, in a way that
I can reconstruct it byte-by-byte.
You can grab this for example by running strace with a large string
limit value (-s) attaching to either syslog-ng or isdnlog and looking
for a recv/recvmsg/read or send/sendmsg/write line which contain the
complete log line.
--
Bazsi