[syslog-ng] Testing structured data syslog messages
Lance Laursen
lance at demonware.net
Fri Feb 4 02:11:08 CET 2011
Hello list,
I am currently trying to test structured data log messages with syslog-ng.
I'm running syslog-ng-3.1.2-1.rhel5. Setup is very simple, with a udp source
and a destination to /var/log/messages. Here's the line i'm trying to use to
test with, which according to the RFC, should be fine:
echo -n '<165>1 2011-02-03T22:14:15.003Z superhostomg process - ID47
[exampleSDID at 32473 iut="9" eventSource="rawr" eventID="69"] Message portion.
Test log with structured data.' | nc -w 1 -u localhost 514
Unfortunately it is showing up in logs as this:
2011-02-03T22:45:30+00:00 localhost 1 2011-02-03T22:14:15.003Z superhostomg
process - ID47 [exampleSDID at 32473 iut="9" eventSource="rawr" eventID="69"]
Message portion. Test log with structured data.
So all of the metadata is being printed to $MSG. What am I doing wrong?
Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20110203/5e9ba8ac/attachment.htm
More information about the syslog-ng
mailing list