[syslog-ng] Issues while using Syslog destination driver

[Amit Khare]

Hi,

I am getting a weird issues while using the syslog destination driver. I am 
sending an xml message to syslog (syslog-ng 3.1) and forwarding the message over 
to another destination. 


The relevant entries in my syslog.conf look as following:

filter f_atna { facility(local7); };

destination d_loghost { syslog("19.16.2.9" transport("tcp") port(6514) 
template("$MESSAGE")); };

log { source(src); filter(f_atna); destination(d_loghost); };

The problem I am running into is that the xml message is not getting processed 
on the other side because I am getting some weird characters are getting added 
in the xml message:

<?xml - - - version="1.0" encoding="UTF-8"?>

 
The above xml tag is constant in my program and therefore I am not inserting it 
and I don't even see it in /var/log/localmessages

Dec 28 11:01:07 10.15.1.1 <?xml version="1.0" encoding="UTF-8"?>

but when I do see it in my tcpdump I do see it. 

I am not seeing these weird dashes when I use the tcp destination driver but the 
message is not in the required format so it blows up on the other side. 


Has anyone seen this issue before?  Any help will be greatly appreciated. 

Thanks,
Amit


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20101228/c5d23df3/attachment.htm