[syslog-ng] pattern matching against raw input?
Glen Johnson
gfjohnson at alaska.edu
Thu Apr 15 21:09:26 CEST 2010
Is there a way to parse against raw input, with syslog-ng?
I'm writing patterns for Cisco devices and the PROGRAM macro appears
to be gobbling (and then removing) the %FACILITY-SEVERITY-MNEMONIC
text, prior to the parser getting access [to the message], for Cisco
ASA devices. In other cases, PROGRAM gobbles the log sequence number
(from cisco ios) and leaves the date/time and FAC-SEV-MNEMONIC code
intact.
More information about the syslog-ng
mailing list