[syslog-ng] filters do not work from syslogd pipe as a source
Jochen Kirn
jochen.kirn at gmail.com
Fri Apr 7 15:08:33 CEST 2006
2006/4/7, Lumir Unzeitig (DHL CZ) <lumir.unzeitig at dhl.com>:
..
>
> It's looking like the facility, priority information has been lost after
> syslogd evaluation or by going through the pipe. (All events go only to
> /dev/null destination)
>
Have you tried to log the messages read from the pipe without the filter to
a file and post an example of the log entries to this mailling list ?
I've a similar problem on AIX (5.3 ML3) where the system syslog daemon
writes its messages to a named pipe
and syslog ng should read from it. But for some odd reason AIX syslog adds
the FACILITY and LEVEL to the log message
which causes that the LEVEL field "shifts" to the right.
Therefore Syslog-NG isn't able to parse this correctly, because it
interpreted the FACILITY entry as program name ...
I don't know what causes this, because I can't reproduce this problem on AIX
5.2 or below.
regards
Jochen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20060407/087e801b/attachment.htm
More information about the syslog-ng
mailing list