[syslog-ng] Date and Host in Syslog Format Need Swapping

infosec at gmail.com
Thu Jan 17 03:35:00 CET 2008


According to basic syslog message formatting rules the hostname in that message *is* indeed "2008", unfortunately.

Either use bad_hostnames("2008") or set keep_hostnames() to no or false (or whatever the negative is) and use DNS to get the hostnames.

To understand why "2008" is the hostname read the page called something like "about syslog" linked off the syslog-ng FAQ.

-----Original Message-----

From:  <wiskbroom at hotmail.com>
Subj:  [syslog-ng] Date and Host in Syslog Format Need Swapping
Date:  Wed Jan 16, 2008 12:46 pm
Size:  440 bytes
To:  Syslog-ng users' and developers' mailing list <syslog-ng at lists.balabit.hu>


Hello:

I have an appliance that I've configured to send logs to syslog, but it is sending to a file named 2008.log instead of $FULLHOST.log

None of the other logs that I am getting contain the year, but for some reason, this one does. Below is a sample of the log itself.

Jan 16 15:31:06 2008 [192.168.100.1]

Is it possible to ignore the YEAR and make output go to $FULLHOST.log ?

Thank you,

.vp
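
Added example, not part of the original thread and not syslog-ng's own code: a minimal BSD-syslog header split showing why the sample line above yields "2008" as the host, with a bad-hostname pattern and a keep-hostname switch that fall back to the sender's address. The function names, the four-digit pattern, and the use of 192.168.100.1 as the sender address are assumptions made for illustration.

```python
import re

# BSD syslog header: "Mmm dd hh:mm:ss HOSTNAME MSG". There is no year field,
# so whatever token follows the time is taken as the hostname.
BSD_HEADER = re.compile(
    r"^(?:<\d{1,3}>)?"                                   # optional <PRI>
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "  # e.g. "Jan 16 15:31:06"
    r"(?P<host>\S+) ?(?P<msg>.*)$"
)

# Assumption for this example: a bare four-digit token is a year, not a host.
YEAR_AS_HOST = r"^\d{4}$"


def parse_bsd(line):
    """Return (timestamp, host, message) as a strict BSD parser sees them."""
    m = BSD_HEADER.match(line)
    return (m.group("ts"), m.group("host"), m.group("msg")) if m else None


def effective_host(line, peer_addr, keep_hostname=True, bad_hostname=YEAR_AS_HOST):
    """Choose the host name: header value, or the sender address as fallback."""
    parsed = parse_bsd(line)
    if parsed is None or not keep_hostname:
        return peer_addr          # do not trust the header at all
    host = parsed[1]
    if bad_hostname and re.search(bad_hostname, host):
        return peer_addr          # header token is not a plausible host name
    return host


def log_file(line, peer_addr, **opts):
    """Per-host destination file name, as in the $FULLHOST.log setup."""
    return effective_host(line, peer_addr, **opts) + ".log"


if __name__ == "__main__":
    appliance = "Jan 16 15:31:06 2008 [192.168.100.1]"   # sample from the post
    normal = "Jan 16 15:31:06 fw01 kernel: link up"      # constructed sample
    print(parse_bsd(appliance))
    print(log_file(appliance, "192.168.100.1", bad_hostname=None))
    print(log_file(appliance, "192.168.100.1"))
    print(log_file(normal, "192.0.2.7"))
```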


