On Wed, 27 Jan 2016, Muhammad Asif wrote:
Hi Geeks,
My snort is not attaching year in logs. I want to forward these logs to nex
server but i want to add year in timestamp. I tried many templates but no
to avail, result is same like "Jan 27 15:32:17". How can i add year in
timestamp.
%timegenerated:::date-unixtimestamp%
%timegenerated:::date-rfc3339%
%timegenerated:::date-strftime(%Y-%m-%d %H:%M:%S)%
you can't put a year in the timestamp when using a rfc3164 message format, you
can only do it when using the rfc5424 format (RSYSLOG_ForwardFormat as opposed
to RSYSLOG_TraditionalForwardFormat)
now, you can put anything you want in the message body, and I format the message
body as JSON so that I can do so and still extract the original message.
David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
