On Fri, 23 Nov 2012, Rainer Gerhards wrote:
From: rsyslog-boun...@lists.adiscon.com [mailto:rsyslog-
boun...@lists.adiscon.com] On Behalf Of Marcin Miroslaw
I've forgot about links to docs.
http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=2
http://www.cisco.com/en/US/docs/security/asa/asa70/system/message/logms
gs.html#wp1019931
Excellent!
but I'm not familiar with Cisco, please don't ask too difficult
questions;)
At this point, we really don't need to understand what the message means. I
asked for the doc so that I can lookup what type of parameter to expect (it's
syntax). This is what mmnormalize is concerned about.
I am pretty familiar with Cisco logs, so I should be able to help
The problem is that the format of any particular log message does not correlate
with the other, similar log messages. In the past when I've had to deal with
them, I've had to setup a parser for each message code.
The good news is that the messages are well behaved at that point, so once you
identify the %ASA number, you know exactly what the rest of the message means.
David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
