Menu
What's new
By:
Filters Better Search

Scribe Parsing other syslog-ng sources

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

E

elorimer

Part of the Furniture
I thought I would record this in case it helps someone (probably future-me).

I have other devices that send to my AX88U as a remote log server. Those include other Asus routers running Asus-Merlin, and they include some devices running syslog-ng (two TrueNAS servers). I've long puzzled why messages sent by syslog-ng end up looking like this:
Code: 
Jan 30 00:10:00 truenas-main 1 2023-01-30T00:10:00.003185-05:00 truenas-main.local /usr/sbin/cron 22084 - - (root) CMD (/usr/libexec/atrun)
You can see the normal time stamp, the host and then the full message including the original time stamp.

I found, in order to reformat these messages, I had to invoke the default parser explicitly, break the message apart, and put it back together:
Code: 
     parser {
                syslog-parser();
            };
template("${R_DATE} ${HOST} ${PROGRAM} ${MESSAGE}\n")
Then I get a more familiar message:
Code: 
Feb 26 01:05:00 truenas-main.local /usr/sbin/cron 75743 - - (root) CMD (/usr/libexec/atrun)
 
elorimer said:
I thought I would record this in case it helps someone (probably future-me).

I have other devices that send to my AX88U as a remote log server. Those include other Asus routers running Asus-Merlin, and they include some devices running syslog-ng (two TrueNAS servers). I've long puzzled why messages sent by syslog-ng end up looking like this:
Code: 
Jan 30 00:10:00 truenas-main 1 2023-01-30T00:10:00.003185-05:00 truenas-main.local /usr/sbin/cron 22084 - - (root) CMD (/usr/libexec/atrun)
You can see the normal time stamp, the host and then the full message including the original time stamp.

I found, in order to reformat these messages, I had to invoke the default parser explicitly, break the message apart, and put it back together:
Code: 
     parser {
                syslog-parser();
            };
template("${R_DATE} ${HOST} ${PROGRAM} ${MESSAGE}\n")
Then I get a more familiar message:
Code: 
Feb 26 01:05:00 truenas-main.local /usr/sbin/cron 75743 - - (root) CMD (/usr/libexec/atrun)
Click to expand...

Hi elorimer

I get this message after applying the latest entware update. Any ideas - please. Thanks


@RT-AX86U-AC30:/tmp/home/root# syslog-ng.conf version check ...Error opening plugin module; module='http', error='libssl.so.1.1: wrong ELF class: ELFCLASS32'
 
There are at least two other threads discussing this, active as of only a few hours ago. Good answers to both your posts.
 
You must log in or register to reply here.

Similar threads

cmkelley
Scribe scribe 3.x_y - syslog-ng and logrotate installer
8 9 10
Replies
190
Views
13K
elorimer
E
A
Scribe Scribe / syslog-ng re-load question
Replies
5
Views
2K
archiel
A
garycnew
[DEVEL] Asuswrt-Merlin Remote Log Server (Syslog & Syslog-ng Synergy) to Centralize Primary Router & AiMesh Node System Logs
2
Replies
28
Views
7K
garycnew
garycnew
M
r7800 - repeating syslog message dnsmasq[19634]: NOT DNS Hijack mode!!!
Replies
1
Views
1K
Mariachi
M
cmkelley
Scribe scribe - syslog-ng and logrotate installer
68 69 70
Replies
1K
Views
168K
Butterfly Bones
Butterfly Bones
Similar threads
Thread starter Title Forum Replies Date
S Scribe Strange Issue with Scribe / Syslog-NG after Reboot Asuswrt-Merlin AddOns 5
W Scribe Where is the routers source/original unfiltered syslog Asuswrt-Merlin AddOns 3
Ripshod Syslog-NG "system messages" weirdness Asuswrt-Merlin AddOns 2
Olndo Pindaro Solved PixelSvr doesn't start and give strage kernek messagge on syslog Asuswrt-Merlin AddOns 5
U Scribe syslog-ng not starting on boot if IPv6 enabled. Asuswrt-Merlin AddOns 31
cmkelley Scribe scribe 3.x_y - syslog-ng and logrotate installer Asuswrt-Merlin AddOns 190

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 617 (members: 28, guests: 589)
Top