[syslog-ng] Syslog-ng header & rfc5424
Florian Goulais
goulais.florian at gmail.com
Fri Jul 19 11:44:42 UTC 2019
If you send text to udp 514 port, syslog Will and a prefix:
<timestamp> <host>
The rfc5424 say that syslog header must start with PRI :
< prival >
Then version :
<VERSION>
And eventauly hostname:
<hostname>
The pri is a number that indicate severity and facility.
Le ven. 19 juil. 2019 à 12:38, Gabor Nagy (gnagy) <
Gabor.Nagy at oneidentity.com> a écrit :
> Hi Florian,
>
> Can you be a bit more specific, please? Sorry, but I don't understand it.
>
> Is syslog-ng storing your log in a different format than RFC5424?
>
>
> Regards,
> Gabor
>
> ------------------------------
> *From:* syslog-ng <syslog-ng-bounces at lists.balabit.hu> on behalf of
> Florian Goulais <goulais.florian at gmail.com>
> *Sent:* Friday, July 19, 2019 11:36
> *To:* syslog-ng at lists.balabit.hu
> *Subject:* [syslog-ng] Syslog-ng header & rfc5424
>
> CAUTION: This email originated from outside of the organization. Do not
> follow guidance, click links, or open attachments unless you recognize the
> sender and know the content is safe.
>
>
> Hi.
> I'am trying to understand why syslog-ng and an header (timestamp host) to
> log as the rfc specify another header.
> Someone can explain me the reason plz ?
> Regards
> Florian
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20190719/683b2491/attachment.html>
More information about the syslog-ng
mailing list