Home > syslog ng > Syslog-ng log format

Syslog-ng log format

September 2Hits:1
Advertisement

I am using a centralised syslog-ng loghost to collect logs and syslog-ng on some of the clients.

On one particular client, running syslog-ng on Devil Linux, syslog entries are sent ( confirmed with tcpdump ) with the following format

DATE [email protected] MESSAGE 

where local is the name of the source from the config file

source local { file("/proc/kmsg" program_override("kernel: ")); unix-stream("/dev/log" max-connections(1000)); internal(); };  log { source(local); destination(console); }; 

Non of the other syslog-ng hosts do this, although most are Centos 5.4 running syslog-ng 2.1.4 where as this is syslog-ng version 3.05

Does anyone know why this is happening and how to stop it.

EDIT: Full config file

 @version: 3.0  ##################################################################### # define options for syslog ##################################################################### options { long_hostnames(on); flush_lines(0); time_reopen(60); use_dns (no); };  ##################################################################### # define the source pipe for all local messages ##################################################################### source local { file("/proc/kmsg" program_override("kernel: ")); unix-stream("/dev/log" max-connections(1000)); internal(); };  ##################################################################### # print all messages on tty10 ##################################################################### destination console { file("/dev/tty10"); }; log { source(local); destination(console); };  ##################################################################### # send all messages to the loghost #####################################################################  destination loghost {   udp("192.168.45.15" port (514)) ;  }; log { source(local); destination(loghost); };  ##################################################################### # send all messages to /var/log/messages ##################################################################### #destination logfile { file("/var/log/messages"); }; #log { source(src); destination(logfile); };  ##################################################################### # END #####################################################################  

Answers

Normally, the "[email protected]" string is a result of either one of these config options:

chain_hostnames(yes);
long_hostnames(yes);

I can't remember exactly if this one more option is involved:

keep_hostname(yes);

Please update your question with full config file.

EDIT: seems like long_hostnames(on) is at fault. Surely, some of the syslog-ng options are not only misnamed, but also very poorly documented. I've tried to re-engineer this mess and I've put the results here at http://serverfault.com/questions/26430/fqdns-during-migration-from-syslogd-to-syslog-ng

Tags:syslog ng

Related Articles

  • Syslog-ng log formatSeptember 2

    I am using a centralised syslog-ng loghost to collect logs and syslog-ng on some of the clients. On one particular client, running syslog-ng on Devil Linux, syslog entries are sent ( confirmed with tcpdump ) with the following format DATE [email protected]

  • Syslog-ng log template \\011 characterNovember 30

    I have a problem with syslog-ng. I want to make syslog-ng to format the logs like below: template("$YEAR-$MONTH-$DAY\\011$HOUR:$MIN:$SEC\\011$HOST\\011$MSGHDR$MSGONLY\n") But it logs without the "\". Just "011". Example: Expe

  • Is there a way to determine the log format if given a ".log" file?July 10

    Is there a way to determine the kind of log (so that it can be parse correctly) if I have no prior information about the type (for eg. syslog, apache log, IIS log) of log it is? I am trying to write a Grok filter for the logs but I have no idea what

  • log format ignored for frontend 'http-in' since it has no log addressSeptember 2

    I'm using the following haproxy.cfg from the couchdb project: global maxconn 512 spread-checks 5 defaults mode http log global monitor-uri /_haproxy_health_check option log-health-checks option httplog balance roundrobin option forwardfor option redi

  • Apache Custom Log FormatMarch 11

    I am trying to write a reward system wherein users will be given reward points if they download complete files, So what should be my log format. After searching alot this is what I understand its my first time and havent done custom logs before. Firs

  • Looking for ANY free GUI software to view W3C Extended Log Format files June 29

    I am looking for some free GUI software (preferably for OSX/Linux) that is capable of parsing W3C Extended Log Format log files: http://en.wikipedia.org/wiki/Extended_Log_Format My web server stores logs in this format, and I'm looking for an alterna

  • Game log format for MMO serversOctober 13

    A log of game events (as opposed to error / debug logs) for an entire cluster/shard is very useful for a commercial MMO that is in a live production environment, providing vital support for customer service, and the means for historical analytics. Th

  • Is it possible to specify custom error log format in nginx?November 25

    I can specify custom log format for access log in nginx, but it won't work for error log. I wish I always saw time when error occur. Is it possible? --------------Solutions------------- No, you cannot change the error log format without changing the

  • Is there any standard log format that includes time taken to serve the request? Can i just add it without breaking standard logfile parsers?February 15

    I would like to log the %D and %O log format strings in apache 2. They are the time taken to serve a request in microseconds and the total bytes sent. This is useful to generate stats of the server file serving speeds and see whether connectivity to

  • Apache: Is it possible to set a default custom log format to be used by all vhosts?August 31

    I would like to set up custom logging for my vhosts in Apache 2.2: What I'm looking for is a way to define a custom log format (once) that I can then use as the format for all of my vhost's configs custom logs. Can I define the log format at the top

  • How can I achieve separate colors for current, local, and remote ref names when using a custom git log format?

    How can I achieve separate colors for current, local, and remote ref names when using a custom git log format?September 21

    I have a custom git log format that I use. I have color.ui=true set in my .gitconfig. For example this simple format: git log --pretty=format:"%h %d %s" --decorate This would print something like 52a41e0 (HEAD, local) Commit message foo 185bd17

  • apache custom-log format with regex expressionOctober 5

    We have apache webserver as "entry" for incoming traffic it then delegates to tomcats with mod_jk. We want to log the HTTP digest username, sample header: Authorization: Digest username="Mufasa", realm="[email protected]", n

  • Ubuntu syslog: After log rotation nothing is written on /var/log/syslogSeptember 2

    I've been running a Ubuntu VPS for a few weeks now, so a couple of monthly log rotations took place yestarday. For things like /var/log/wtmp things look as expected: logfile has recent entries, while logfile.1 older entries. However, /var/log/syslog

  • Haproxy not logging captured request headers with custom log formatSeptember 13

    Earlier i was not specifying a custom log format, and the captured request headers were getting printed fine. I wanted to log the unique-id-header, but could not find any way of doing so. So i copy pasted the log-format mentioned on http://haproxy.1w

  • Logwatch configured for nginx with custom log format gives empty outputJanuary 14

    Problem I have configured logwatch (CentOS 5.8, x64) to include nginx, using this as a guideline and using the Apache and nginx documentation on log formats. The problem is, that I'm using a specific log format, being: log_format main '$remote_addr -

  • What is the default apache2 log format and where is defined such default?March 4

    I review (a fast reading) Apache Module mod_log_config and can't figure out what is the apache2 default log format and where is defined it. Any idea? Note that what is on /etc/apache2/conf.d/other-vhosts-access-log is not a default option but a globa

  • Combined log format POST sizeJuly 19

    I'm checking some combined Apache logs that looks like this: [19/Jul/2013:07:58:07 -0700] "POST /website.com/posting.php?mode=post&id=1 HTTP/1.1" 200 13258 I assume 13258 is the size and I assume it's 13k. But I know this was for like a 150k

  • Binary Log Format in MySQLNovember 6

    Reference manual for MySQL 5.6 states that " Some changes, however, still use the statement-based format. Examples include all DDL (data definition language) statements such as CREATE TABLE, ALTER TABLE, or DROP TABLE. " Does this statement mean

  • How to send snmp trap when syslog is logged?March 4

    I need to send snmp trap n number of host whenever any syslog is logged in /var/log/messages. How can I do this, can anybody give me any idea? --------------Solutions------------- If you use (or switch to) rsyslog, you can install the omsnmp module w

  • apache server log format changeOctober 3

    I edited the the httpd.conf to change the log format of apache 2.4 on my windows machine Specifically I edited and made the following changes: #LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"&q

Copyright (C) 2017 ceus-now.com, All Rights Reserved. webmaster#ceus-now.com 14 q. 0.553 s.