[syslog-ng] Time Conversion and String delimiter

Balazs Scheidler bazsi77 at gmail.com
Wed Aug 7 22:21:51 CEST 2013


Hi,

Date conversion is not possible at the moment I'm afraid.

Hi,
I have a non-standard (not rfc 5414) log message format coming into
syslog-ng client. I am trying to use csv-parser to parse into custom macros
and send it off to syslog-ng host in the correct format.

With no-parse option, how do I make syslog-ng handle this incoming
timestamp: [July 30, 2013 10:19:06 AM] ? It would be so much easier to
simply use the timestamp for the time message received in syslog-ng (e.g
$DATE marco) but I have to extract the timestamp from the message itself
somehow.

Example: [July 30, 2013 10:19:06 AM EDT] DisplayType=CLEAR
ClassName=Host....

Secondly, the documentation of syslog-ng seems to hint that I can use
string delimiter in parser. "Currently only the csv-parser is implemented,
which can separate *columns based on delimiter characters and strings."* but
it also says that "*If you specify multiple characters, every character
will be treated as a delimiter."* . Is there a way for me to use a string,
not single characters, as delimiters in csv-parser?

Thanks.****

** **

------------------------------

*Please consider the environment before printing this email.*

*Visit our website at http://www.nyse.com
*****************************************************************************

Note: The information contained in this message and any attachment to it is
privileged, confidential and protected from disclosure. If the reader of
this message is not the intended recipient, or an employee or agent
responsible for delivering this message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this
communication in error, please notify the sender immediately by replying to
the message, and please delete it from your system. Thank you. NYSE
Euronext. *

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation:
http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20130807/fcb892ec/attachment.htm 


More information about the syslog-ng mailing list