[syslog-ng] cisco/squid feedback

Clayton Dukes cdukes at gmail.com
Mon Mar 7 14:40:55 CET 2011


Cisco messages are easier to log than most IMHO.
The great thing about them is that they include the starting Mnemonic
(Facility-Severity-Mnemonic).
Take a look at my whitepaper here:
http://www.cisco.com/en/US/technologies/collateral/tk869/tk769/white_paper_c11-557812.html

I also use these to track Cisco events in my tool, LogZilla (
http://www.logzilla.pro). The great thing about them is that by tracking
them, you can instantly get a view of your network problems by generating
graphs of top 10 mnemonics.
You can see what I mean by looking at the demo site at
http://demo/logzilla.pro - once there, just click on "Charts>Top10>By
Count>Cisco Mnemonics".



______________________________________________________________

Clayton Dukes
______________________________________________________________


On Mon, Mar 7, 2011 at 6:35 AM, Alexander Clouter <alex at digriz.org.uk> wrote:

> Hi,
>
> Digging around, I could not find anything on how to 'sensibly' log the
> junk that Cisco IOS devices (and their infernal WLC) spit out plus I was
> keen to rewrite squid HTTP proxy server logs to make use of the
> epoch+msec timestamp found in the MSG.
>
> I have documented, very roughly, my current solution on my website and
> would welcome amendments/fixes/flames/etc on the approach:
>
> http://www.digriz.org.uk/syslog-ng-integration
>
> Before you ask, I use 'match("fqdn.example.com" value("HOST_FROM") ...)'
> as netmask() is broken for IPv6 :)
>
> Cheers
>
> --
> Alexander Clouter
> .sigmonster says: When pleasure remains, does it remain a pleasure?
>
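
The Facility-Severity-Mnemonic tag and the "top 10 mnemonics" count mentioned in the reply above, as an added example that is not part of the original thread and is not LogZilla or syslog-ng code. The function names and the sample log lines are constructed for illustration.

```python
import re
from collections import Counter

# Cisco IOS system message tag: %FACILITY[-SUBFACILITY]-SEVERITY-MNEMONIC:
# Severity is one digit, 0 (emergency) to 7 (debug).
CISCO_TAG = re.compile(
    r"%(?P<facility>[A-Z][A-Z0-9_]*(?:-[A-Z0-9_]+)*?)"
    r"-(?P<severity>[0-7])"
    r"-(?P<mnemonic>[A-Z0-9_]+):"
)

def parse_cisco_tag(line):
    """Return (facility, severity, mnemonic), or None if the line has no tag."""
    m = CISCO_TAG.search(line)
    if m is None:
        return None
    return m["facility"], int(m["severity"]), m["mnemonic"]

def top_mnemonics(lines, n=10, max_severity=7):
    """Count full tags, keeping only messages at max_severity or more urgent."""
    counts = Counter()
    for line in lines:
        tag = parse_cisco_tag(line)
        if tag and tag[1] <= max_severity:
            counts["%s-%d-%s" % tag] += 1
    return counts.most_common(n)

# Constructed sample input: five IOS-style lines and one squid line.
SAMPLE = [
    "<187>45: *Mar  7 13:40:01.123: %LINK-3-UPDOWN: Interface Gi0/1, changed state to down",
    "<189>46: *Mar  7 13:40:02.456: %LINEPROTO-5-UPDOWN: Line protocol on Gi0/1, changed state to down",
    "<187>47: *Mar  7 13:41:10.000: %LINK-3-UPDOWN: Interface Gi0/1, changed state to up",
    "<189>48: *Mar  7 13:42:00.000: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)",
    "<188>49: *Mar  7 13:43:00.000: %C6KPWR-SP-4-DISABLED: power to module in slot 3 set off",
    "<190>squid[1234]: 1299505255.123 200 TCP_MISS/200 GET http://example.com/",
]

if __name__ == "__main__":
    for tag, count in top_mnemonics(SAMPLE):
        print(f"{count:3d}  {tag}")
```

Passing `max_severity=4` limits the chart to warnings and worse, which filters out routine notices such as configuration changes.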