P.S. this confusion of templates being useful for parsing messages seems to be a
common one, any suggestions on what we should put in the documentation to make
clear that they are for output only, not for parsing messages?
David Lang
On Wed, 11 Oct 2023, Gundlapally, Navanitha via rsyslog
I'll take 'A big note saying "TEMPLATES ARE FOR OUTPUT ONLY"' for 10 points
please.
On Wed, Oct 11, 2023, 21:06 David Lang via rsyslog <
rsyslog@lists.adiscon.com> wrote:
> P.S. this confusion of templates being useful for parsing messages seems
> to be a
> common one, any suggestions on what we
please post your full config (you can have rsyslog combine all include files
into one file to see them as rsyslog does by starting rsyslog with -o
/path/to/file)
It sounds as if you have additional imfile inputs that already specify these
files, but without the full config, it's hard to guess
Templates are how you format messages that you are outputting, they have nothing
to do with parsing messages.
I would first suggest that you log the message with the template
RSYSLOG_DebugFormat so that you can see all the variables that get parsed out of
the message already, and what is
most distros have additional rsyslog-* packages that include modules that have
other dependencies, and it's common for omudpspoof to be in those additional
packages.
David Lang
On Wed, 11 Oct 2023, Raghunatha Reddy wrote:
Dear David & Rainer,
How are you doing? As part of my work, I need
Am Di., 10. Okt. 2023 um 22:17 Uhr schrieb David Lang :
>
> On Tue, 10 Oct 2023, Michael Biebl wrote:
>
> > Am Di., 10. Okt. 2023 um 21:49 Uhr schrieb David Lang :
> >>
> >> I see people putting things in /etc/rsyslog.d besides configs, so locking
> >> down
> >> /etc may trip them up.
> >
> >
Hi Team,
I am new to this community and hoping to get some help with my below query.
We are collecting some network logs from client devices to a Syslog collector
(A) which is managed by Vendor and the next hop is on the syslog collector (B)
managed by us. On Collector B, I see the events are
hi,
We found the fault. Syntax error , there is a missing / in front of
var/log/..
It was not caught by running the syntax check rsyslogd -f
/etc/rsyslog.conf -N1
Regards,
Ole Frøslie
On Wed, 11 Oct 2023 at 14:04, Ole Froslie wrote:
> Hi all,
> I struggle with an rsyslog issue.
>
> I have
Hi all,
I struggle with an rsyslog issue.
I have set up the following config in /var/etc/rsyslog.d/
module(load="imfile")
input(type="imfile" File="var/log/ipa_access_agg.log" Tag="ipa-access-log"
Facility="local0")
input(type="imfile" File="/var/log/dirsrv/slapd-COM4-NET/security"
9 matches
Mail list logo
