Hi, We recently started to receive logs from a Snare client. I applied the configuration changes proposed here: http://wiki.rsyslog.com/index.php/Using_Snare_as_a_client_on_Windows
After restarting rsyslog, I get the following error: -- 2009-10-27T06:45:39.067279-04:00 logserger rsyslogd: [origin software="rsyslogd" swVersion="4.2.0" x-pid="29021" x-info="http://www.rsyslog.com";] (re)start 2009-10-27T06:45:39.063213-04:00 logserger rsyslogd-3000: unknown priority name "" [try http://www.rsyslog.com/e/3000 ] 2009-10-27T06:45:39.063571-04:00 logserger rsyslogd: the last error occured in /etc/rsyslog.conf, line 18 2009-10-27T06:45:39.064044-04:00 logserger rsyslogd: warning: selector line without actions will be discarded 2009-10-27T06:45:39.064213-04:00 logserger rsyslogd-2123: CONFIG ERROR: could not interpret master config file '/etc/rsyslog.conf'. [try http://www.rsyslog.com/e/2123 ] -- If I comment out the "%msg:::space-cc%" part it starts up cleanly but I assume that the filtering won't work. Suggestions? Thanks, Martin This email and any attachments are confidential, and may be legally privileged and protected by copyright. If you are not the intended recipient dissemination or copying of this email is prohibited. If you have received this in error, please notify the sender by replying by email and then delete the email completely from your system. Any views or opinions are solely those of the sender. This communication is not intended to form a binding contract unless expressly indicated to the contrary and properly authorised. Any actions taken on the basis of this email are at the recipient's own risk. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com
