[syslog-ng] datetime stamp of syslog-ng...
asa at isac.gov.in
Wed Jan 2 05:15:28 CET 2008
I am redirecting a system log of one server to a centralized log
server running syslog-ng. When we redirect, syslog-ng adds its own
datetime stamp before the actual log entry for each line. Due to
this, one of the log processing software does not recognize the format
and does not generate any reports. If I remove those 4 fields (Month
Name, Date, Year and IP address) for ex: Jan 2 2008 10.10.10.10 (here
10.10.10.10 is the IP address of the system whose logs are getting
stored in central log server) that log processing software works as
expected and generates report.
Is it possible that, I can block those fields getting recorded. If
yes, how? and if not, what is the alternative?
More information about the syslog-ng