syslog-ng-users April 2011 archive
Main Archive Page > Month Archives  > syslog-ng-users archives
syslog-ng-users: [syslog-ng] Formatting syslogs using syslog-ng

[syslog-ng] Formatting syslogs using syslog-ng

From: Pramod Pillai <pramodpillaip_at_nospam>
Date: Wed Apr 13 2011 - 11:44:19 GMT
To: syslog-ng@lists.balabit.hu

Hi

I need to format the below syslog message.

Apr 13 07:37:28 host-mgr dhcpd: [ID 702911 local7.error] DHCPDISCOVER
to
Apr 13 03:37:15 host-mgr 23 3 DHCPDISCOVER

My destination config looks like this.
destination sol_dest { file("/var/log/sol_syslog" perm(0644)
template("$S_DATE $HOST $FACILITY_NUM $LEVEL_NUM $MSGONLY\n")
template_escape(no) ); };

With the template mentioned above I am getting output as shown below.
I need to remove " [ID 702911 local7.error] " . How to do it.
Apr 13 03:37:15 mgr-t 23 3 [ID 702911 local7.error] DHCPDISCOVER

I am running this on Solaris machine with syslong-ng 3.1.2

Regards
Pramod
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html