[syslog-ng] cisco rewrite code
Balazs Scheidler
bazsi77 at gmail.com
Fri Oct 12 18:48:25 CEST 2012
The best would be to write a cisco mnemonic parser that would transform that stuff to name-value pairs.
Also we've used the program name portion in patterndb to parse out those. iirc it starts with %
----- Original message -----
>
> Does anyone have a pre build set of patterns/rewrite rule to rewrite all
> cisco logs into something that is a little more compliant?
>
> We are trying to use a master pattern database to identify/classify
> messages, but the cisco logs don't have usable "program names" so the
> pattern database can't even get started :-(
>
> Thanks for any pointers.
>
> --
> Evan
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng FAQ:
> http://www.balabit.com/wiki/syslog-ng-faq
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20121012/c4cbda99/attachment.htm
More information about the syslog-ng
mailing list