[rsyslog-notify] Forum Thread: Re: Inserting information into Log received from remote host - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Tue Nov 3 20:46:57 CET 2015
User: snorman1483
Forumlink: http://kb.monitorware.com/viewtopic.php?p=26102#p26102
Message:
----------
I am forwarding the logs as rawlogs due to other system are also receiving
this traffic and the only format that was 100% across the board was the
%rawlog%.
Here is a sample of what the log looks like and as you can see is that
there is no hostname or ip address that can be used to link to the host.
<180>DefensePro: 18-10-2015 07:57:13 WARNING 105 Anomalies "TTL Less Than
or Equal to 1" IP xxx.xxx.xxx.xxx y xxx.xxx.xxx.xxx y y Regular "Packet
Anomalies" sampled 1 94 N/A 0 N/A low forward
aaaaaaaaa-aaaa-aaaa-1111-11111111
I would like to insert a hostname somewhere into the front of the log
source
<180>DefensePro: 18-10-2015 07:57:13 Hostname rest of the message OR
<180> Hostname DefensePro: 8-10-2015 07:57:13 rest of the message
More information about the rsyslog-notify
mailing list