[syslog-ng] Trying to define my sources
Guy Fleegman
network.monger at gmail.com
Fri Apr 27 22:48:40 CEST 2007
Let me add to what I have changed....
My config now looks like this:
options {
    sync (0);
    time_reopen (10);
    log_fifo_size (1000);
    long_hostnames (off);
    use_dns (no);
    use_fqdn (no);
    create_dirs (no);
    keep_hostname (yes);
    ts_format (rfc3164);
    recv_time_zone(+05:00);
};
template t_default {
    template("${DATE} ${YEAR} ${HOST} ${MSG}\n");
    template_escape(no);
};
source all_routers {
    udp(ip(0.0.0.0) port(514) time_zone(+05:00));
};
Even when I add the recv_time_zone and then time_zone options the log
entries are still showing up in the file as UTC?
Here is an example of how they are being logged:
Apr 27 20:46:59 2007 intsnort1 SFIMS: [119:17:1] Snort Alert [Classification: Unknown] [Priority: 3] {TCP}
Why will the date not change? This is how the date looks when I sniff it on
Wireshark.. so I know that is how it is being sent (as UTC). Please advise and
thanks.