[syslog-ng] Issue with timestamp

Andrew toranagtrx at gmail.com
Sun Jun 18 00:40:43 UTC 2017


I looked into it further and the firewall is sending the year in the
message, I thought that it wasn't but it was getting chopped off in the
json output.
I rectified it by using ${MSGHDR}${MSG} in my template which now gives me
the full timestamp in the message which is mainly what I needed.

I will look into the date-parser thanks for the info.

On Sun, Jun 18, 2017 at 7:14 AM, Fabien Wernli <wernli at in2p3.fr> wrote:

> Hi Andrew,
>
> If you have a recent enough syslog-ng version, you can use the date-parser
> to parse your date. Otherwise, I guess you could use the current year $YEAR
> and add it to the message using a rewrite rule.
>
> Cheers
>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20170618/051fae6a/attachment.html>


More information about the syslog-ng mailing list