[rsyslog] Help with configurin rsyslog
Alex Samad
alex at samad.com.au
Fri Jun 19 10:05:01 CEST 2009
Hi
I have a syslog line that looks like this
Jun 18 10:35:53 Thu Jun 18 10:42:37 2009 dlink-dir-855 System Log:
Stored configuration to non-volatile memory
notice the double dates stamps and it seems like I should be able to
rectify this with rsyslog, but I am not sure how.
I have had a quick look at the doco and the wiki, but there aren't any
example's of replacing/reformatting from specific hosts
note the above line is from a dlink dir-855 router/access point
I also have these
Jun 18 10:55:00 127.0.0.1 time="2009-06-18 10:55:00" msg="LOGIN User
logged in on TELNET (192.168.1.100)"
from a speedtouch 546v6 then I need to munge.
Any pointers or working examples would be helpful
Thanks
More information about the rsyslog
mailing list