Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Syslog - Message forwarded from
Operating Systems AIX Syslog - Message forwarded from Post 302302938 by mlbillow on Wednesday 1st of April 2009 11:43:40 AM
Old 04-01-2009
We have done the same thing, but when you look at the raw message, instead of the host name, it has "Message forwarded from cola041:". I read somewhere that you might be able to use templates that are specified in the rsyslog.conf file.
 

10 More Discussions You Might Find Interesting

1. Solaris

syslog message..!

I got my system sun fire 6800 hung later reboot after generating these message can any one help me on this to review these message..!! nfssrv: WARNING: nfsauth upcall failed: RPC: Operation in progress mountd: cannot accept connection: 19: error unknown (current state -1) KAVE00166-W The... (13 Replies)
Discussion started by: nicknihal
13 Replies

2. Programming

why I can't get syslog message?

I read Unix network programming by richard,in chap12.3,it say if call syslog() by using parameter LOG_USER,it should write a message in /var/adm/messages in Solaris,such as "connected from 10.1.1.2",example file inet/daytimetcpsrv2.c.I want to know which syslog file in FreeBSD7.0?I look for... (1 Reply)
Discussion started by: konvalo
1 Replies

3. UNIX for Advanced & Expert Users

Q on <user> of syslog message generated by logger command

Generally(at least on AIX5.3, Solaris9, OS X)'logger' command would create syslog messages which carry <login name> . On Solaris9, I have experienced two circumstances in which 'logname' command fails. In this circumstance I saw the 'logger' command generated syslog messages which carry... (0 Replies)
Discussion started by: masaki
0 Replies

4. UNIX for Dummies Questions & Answers

Syslog Message Columns

Hi all, I need your help with syslog columns. Currently I have a script as follows: (extract) for messages in `cat syslog_message_list.txt`; \ do \ grep $messages syslog.`date +%d%m%y`.log | \ tr -s " " | \ cut -d" " -f4,9- | \ sort -k3.2,3 -k2,2 -k1nr,1 | \ uniq -c | \ sort -k3.2,3... (6 Replies)
Discussion started by: wthomas
6 Replies

5. Red Hat

Syslog Message

All thanks for the help in advance. I'm current have my syslog server built on RHEL5.7. I'm wondering how to I have the syslog messages categorized by hostname? Is that an option I can add to the syslog.conf? (1 Reply)
Discussion started by: aojmoj
1 Replies

6. AIX

Message redirected from syslog

Hi. recently in many of our lpars we are getting a message in errpt as "C6ACA566 0315094014 U S dtc MESSAGE REDIRECTED FROM SYSLOG". I have also checked the /etc/syslog.conf file. It doesn't point to error log. Can someone please advise about how to fix this error ? pmut3:/> errpt -aj... (4 Replies)
Discussion started by: newtoaixos
4 Replies

7. HP-UX

Generate message in syslog.log

Dear Concern, Is there any command to generate message in /var/adm/syslog/syslog.log file in HP-UX. With Best Regards, Kauser (2 Replies)
Discussion started by: makauser
2 Replies

8. Ubuntu

How redirect syslog message to a specified file?

Hello to everyone! I have a question about syslog. I want put the messages of log in a particular file but really i don't know how to do that or i don't get the results that I want. I do this: #include <stdio.h> #include <stdlib.h> #include <syslog.h> int main (void) { ... (4 Replies)
Discussion started by: Kovalevski
4 Replies

9. UNIX for Dummies Questions & Answers

Is it possible that X11 can be forwarded through a SSH tunnel

I communicate with the server via a ssh tunnel, configured via Putty. Recently, I'm trying to forward the X11 through it, but it doesn't work. Is there any one work this way? Searched with google, but didn't find anything. Thx in adv. (2 Replies)
Discussion started by: sleepy_11
2 Replies

10. Programming

Setting X-Forwarded-For In C

Question, I've been trying to find information for setting the X-Forwarded-For header in C programs, or basically how spoofing it works. I've seen how to do this in ruby, python, and even with curl. I tried searching Google for it, but have came up empty handed. Any links, examples or advice much... (11 Replies)
Discussion started by: Azrael
11 Replies

LEARN ABOUT DEBIAN

lire::syslog

Syslog(3pm)						  LogReport's Lire Documentation					       Syslog(3pm)

NAME

       Lire::Syslog - syslog style lines parser

SYNOPSIS

       use Lire::Syslog;

       my $parser = new Lire::Syslog;

       my $rec = $parser->parse( $line );

DESCRIPTION

       This module defines objects able to parse logs coming from several flavours of logging daemon.

       It currently supports the following syslog file formats:

       Classic BSD syslog daemon
	   The "classic" BSD syslog format:

	       MMM DD HH:MM:SS Hostname Message

       Solaris 8 syslog daemon
	   The Solaris 8 syslog daemon also includes the facility and level:

	       MMM DD HH:MM:SS Hostname Process[Pid]: [ID DDDDDD Facility.Level] Message

       Netscape Messaging Server logging daemon
	   The syslog daemon that comes with Netscape Messaging Server uses a date in common log format:

	       [DD/MMM/YYYY:HH:MM:SS +ZZZZ] Hostname Process[Pid]: Facility Level: Message

       WebTrends syslog daemon
	   The format used by the syslog daemon that comes with WebTrends:

	       WTsyslog[YYYY-MM-DD HH:MM:SS ip=HOSTNAME pri=WT_PRIORITY] <XX>Message

       Kiwi Syslog (ISO date format)
	   The ISO log file formats used by the Kiwi Syslog daemon (http://www.kiwisyslog.com/info_sysd.htm), a logging daemon often encountered
	   on Win32 platforms:

	       YYYY-MM-DD HH:MM:SS [TAB] Facility.Level [TAB] Hostname [TAB] Message

       Kiwi Syslog (US date format)
	   The US date format used by the Kiwi Syslog daemon:

	       MM-DD-YYYY HH:MM:SS [TAB] Facility.Level [TAB] Hostname [TAB] Message

       Kiwi Syslog (DD-MM-YYY date format)
	   The DD-MM-YYYY date format used by the Kiwi Syslog daemon:

	       DD-MM-YYYY HH:MM:SS [TAB] Facility.Level [TAB] Hostname [TAB] Message

       Sendmail Switch logging daemon
	   The format used by the logging daemon coming with Sendmail Switch on Win32 platforms:

	       MM/DD/YY HH:MM:SS Process(Pid): Level: Message

       RFC 3164-compliant Syslog daemon
	   A format from RFC 3164-compliant Syslog daemons which includes the encoded priority and the year in the date.  RFC 3164 defines the
	   "BSD Syslog Protocol".

	       <Priority>MMM DD YYYY HH:MM:SS: Process[Pid]: Message

       The first time the parse() method is used, the parser will try each of the supported formats to detect the syslog format. If no format
       matches, the module will call lr_err() and abort the program. Each other parse() invocation will use the same format.

       The parse() method will return an hash reference which contains the following keys:

       timestamp
	   The timestamp of the event.

       hostname
	   The name or IP address of the host that sended the message.

       process
	   The "process" that logged the event. Formally, the syslog message doesn't contain a process field but its usually the first word coming
	   before a colon in the message's content.

       pid The PID of the process that logged the event. This is usually what is between [] in the process part of the message.

       identifier
	   This key is only present when the log comes from a Solaris 8 syslog daemon. It contains the identifier that comes after ID in the
	   message.

       facility
	   The syslog facility (kern, mail, local0, etc.) of the message. This isn't supported in all file formats so this key might be
	   unavailable.

       level
	   The syslog level (emerg, info, notice, etc. ) of the message. This isn't supported in all file formats so this key might be
	   unavailable.

       content
	   The actual syslog message (with the process and pid removed). Many network devices will also have another BSD-style timestamp at the
	   beginning of the message. If present, it will also be removed.

USAGE

	package Lire::Foo;

	use base qw/ Lire::Syslog /;

	sub parse {
	   my $self = shift;
	   my $line = shift;

	   # this runs parse from Lire::Syslog, setting keys like 'day', 'process'
	   # and 'hostname'
	   my $rec = $self->SUPER::parse($line);

	   $rec->{'foo'} = dosomethingwith( $rec->{'content'} );

	   return $rec
	}

       Now, one can run in a script

	my $parser = new Lire::Foo();

	while ( <> ) {
	   chomp;
	   my $log = $parser->parse( $line );
	}

       which sets $log->{'day'}, ... $log->{'process'} and $log->{'foo'}.

SEE ALSO

       Lire::Email(3)

AUTHORS

	 Joost van Baal, Francis J. Lacoste.  Initial idea by Joost Kooij

VERSION

       $Id: Syslog.pm,v 1.15 2006/07/23 13:16:30 vanbaal Exp $

COPYRIGHT

       Copyright (C) 2000-2002 Stichting LogReport Foundation LogReport@LogReport.org

       This file is part of Lire.

       Lire is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free
       Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
       http://www.gnu.org/copyleft/gpl.html.

Lire 2.1.1							    2006-07-23							       Syslog(3pm)
All times are GMT -4. The time now is 04:48 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy