[syslog-ng] log message difference between syslog and syslog-ng?

Evan Baer evan.d.baer at gmail.com
Fri Apr 29 18:18:26 CEST 2011


Hello,

We switched one of our last remaining syslog servers to syslog-ng a
few days ago, with no major surprises, except for one small difference
in log message formatting between syslog and syslog-ng for messages
from some of our network devices.

The difference is in the added ':' in the 5th column, after the hostname:

Apr 27 12:48:52 10.26.13.65 oob1-switch, System: Set fan speed to MED (75%)
Apr 28 16:59:53 10.26.13.65 oob1-switch,: System: Set fan speed to LOW (50%)

(the first line is from syslog, the second is from syslog-ng3-3.1.1,
running on freebsd)

For what it is worth, this formatting difference also occurs with
other devices of the same manufacturer and model which have valid
reverse ip entries in dns.

We have a few support scripts which read the logs and are picky about
the line formatting, so I'm keen to tweak the output lines in
syslog-ng.conf if possible.

Thoughts?

Thanks in advance,
    -- Evan


More information about the syslog-ng mailing list