[rsyslog-notify] Forum Thread: Re: Perform DNS lookup on $hostname - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Tue Jan 6 21:03:25 CET 2015
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25156#p25156
Message:
----------
if all you are sent is:
@cee:
{"message":"testing","syslogtag":"is:","hostname":"This","fromhost":"REDACTED","fromhost-ip":"REDACTED","facility":"user","priority":"notice","timereported":"2015-01-06T13:52:38.339749-05:00","timegenerated":"2015-01-06T13:52:38.339749-05:00"}
then you have a problem, because this is not a valid syslog message over
the wire.
you need to send something like:
<123>2015-01-06T13:52:38.339749-05:00 hostname syslogtag: @cee:
{"message":"testing","syslogtag":"is:","hostname":"This","fromhost":"REDACTED","fromhost-ip":"REDACTED","facility":"user","priority":"notice","timereported":"2015-01-06T13:52:38.339749-05:00","timegenerated":"2015-01-06T13:52:38.339749-05:00"}
then you will have
$hostname = hostname
$syslogtag = syslogtag:
$timestampe = 2015-01-06T13:52:38.339749-05:00
$facility = (whatever 123 decodes to)
$severity = (whatever 123 decodes to)
$msg = @cee:
{"message":"testing","syslogtag":"is:","hostname":"This","fromhost":"REDACTED","fromhost-ip":"REDACTED","facility":"user","priority":"notice","timereported":"2015-01-06T13:52:38.339749-05:00","timegenerated":"2015-01-06T13:52:38.339749-05:00"}
$!message = testing
$!syslogtag = is
$!hostname = This
etc
does this make more sense?
More information about the rsyslog-notify
mailing list