[syslog-ng] Convert logs back into syslog-ng logs
Laszlo Szemere (lszemere)
Laszlo.Szemere at oneidentity.com
Mon Jul 6 18:38:54 UTC 2020
Hello Mark,
there are many (too many?) options to do this. To avoid "solving a problem that doesn't exist", we should start from your specification. Some helping question:
- What is writing those files in the first place? (If the soul purpose of those files is to store messages temporary, Syslog-ng has a built in file buffer solution.)
- What is the format of the individual messages in those files?
- What is the life cycle of those files. (It is always hazardous if two application is writing and reading the same file at the same time without any synchronization.)
To speed things up:
IF !!! If your file is in syslog format, than a simple "file" source will do the job for you. For further information please read our administration guide: https://www.syslog-ng.com/technical-documents/doc/syslog-ng-open-source-edition/3.21/administration-guide/18#TOPIC-1180429
Best regards,
Laci
________________________________
From: syslog-ng <syslog-ng-bounces at lists.balabit.hu> on behalf of Faine, Mark R. (MSFC-IS40)[NICS] <mark.faine at nasa.gov>
Sent: Monday, July 6, 2020 20:23
To: Syslog-ng users' and developers' mailing list <syslog-ng at lists.balabit.hu>
Subject: [syslog-ng] Convert logs back into syslog-ng logs
CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.
I would like to read lines from a file back into log data that syslog-ng can parse. What would be involved in doing this?
Thanks,
-Mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20200706/3b7324a7/attachment.html>
More information about the syslog-ng
mailing list