[syslog-ng] multi-line logs and program/facility filters
Michael Thénault
michael.thenault at gmail.com
Fri Aug 10 14:35:10 UTC 2018
Hello,
I have an Issue with syslog-ng 3.16.1 and multi-line logs.
I try to configure per-application filters using either the program
name or a facility.
The applications use the traditional syslog() from syslog.h.
When an application logs multiple lines, only the first line is filtered.
Indeed, the program name or facility is only applied to the first line.
Example :
$ logger -t testprog "line1
line2
line3"
$ cat /var/log/messages
2018-08-10T16:26:14.000000+02:00 testprog: line1
2018-08-10T16:26:14.899505+02:00 line2
2018-08-10T16:26:14.899505+02:00 line3
The log source is unix-stream("/dev/log" );
What can I do to fix this ?
Thanks in advance for your help.
Thanks & Regards,
Michael
More information about the syslog-ng
mailing list