[syslog-ng] getting "Error processing log message" for checkpoint logs
Russell Fulton
r.fulton at auckland.ac.nz
Mon May 18 02:15:12 UTC 2020
I am trying to ingest logs from a checkpoint firewall over a tcp connection:
source s_checkpoint {
network( transport("tcp") flags(no-multi-line) port(2514) keep-alive(yes) flags(syslog-protocol) );
};
# added flags(syslog-protocol) on suggest of checkpoint docs for syslog-ng
destination d_debug {
file( "/data/russell//test.log" );
};
log {
source( s_checkpoint );
destination( d_debug );
};
This is what turns up in the output:
May 18 12:10:42 secmgrprd02 syslog-ng[1555]: Error processing log message: <134>1 2020-05-17T23:33:27Z smartlog01 CheckPoint 25651 -…..
Any ideas on what is going on or how to find out?
Russell
More information about the syslog-ng
mailing list