[syslog-ng] Message Macros
Fabien Wernli
wernli at in2p3.fr
Thu Aug 27 08:07:24 UTC 2020
Hi Mark,
On Wed, Aug 26, 2020 at 05:27:26PM +0000, Faine, Mark R. (MSFC-IS40)[NICS] wrote:
> I'm having trouble finding a line that has the double date anywhere but in the Cisco ISE logs. It may only be affecting those logs. I think it's pretty clear now that the second date is part of the log message as it is sent by the client.
Cisco is part of the usual suspects as far as non-standard syslog messages
are concerned.
Did you know syslog-ng shipped with a cisco parser? I'd definitely try that
if I were you!
More information about the syslog-ng
mailing list