[syslog-ng] insert timezone into log
Asif Iqbal
vadud3 at gmail.com
Thu Apr 26 02:36:46 UTC 2018
On Wed, Apr 25, 2018 at 12:57 PM, Asif Iqbal <vadud3 at gmail.com> wrote:
>
> On Wed, Apr 25, 2018 at 12:49 PM, Asif Iqbal <vadud3 at gmail.com> wrote:
>
>> How do I change the time in the log to append a timezone. Timestamp
>> should be based on generateTime=1523620861 which is in the log
>>
>> So today the time in the shows like this
>>
>> Apr 25 16:46:51 host.example.net .., generateTime=1524674663, ...
>>
>> I like to change it like below
>>
>> 2018-04-25T16:46:55+0000 host.example.net
>> ...,generateTime=1524674663, ....
>>
>>
>>
>>
>
>>
>> {"PROGRAM":"alarmLog,","PRIORITY":"notice","MESSAGE":"applianceName=KING-MER-50-PRI,
>> tenantName=king, alarmType=vrrp-v3-proto-error, alarmKey=0|vni-0/3.0,
>> generateTime=1523620861, applianceId=1, vsnId=0, tenantId=4,
>> alarmCause=causeOther, alarmClearable=no, alarmClass=new, alarmKind=root,
>> alarmEventType=equipmentAlarm, alarmSeverity=indeterminate,
>> alarmOwner=tenant, alarmSeqNo=36657, alarmText=\"vni-0/3.0\",
>> siteName=","HOST":"host.example.net","FACILITY":"user","DATE":"Apr 13
>> 04:01:22"}
>>
>
>
> That was the output of
>
> filter f_alarm { facility(user) and match("alarmLog" value("PROGRAM"));
> };
>
> destination d_alarm { file ("/var/log/alarms.log"
> template("$(format-json -s syslog-proto)\n")); };
>
>
I am using syslog-ng version 3.5.6, latest from centos 7
>
>
>
>
>> --
>> Asif Iqbal
>> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
>> A: Because it messes up the order in which people normally read text.
>> Q: Why is top-posting such a bad thing?
>>
>>
>
>
> --
> Asif Iqbal
> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
>
>
--
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20180425/3e9827e1/attachment-0001.html>
More information about the syslog-ng
mailing list