Hi Experts
I encountered strange behavior that rsyslog truncates message after "-".
The log message sent from Juniper SRX firewall is like this. (I confirmed it with tcpdump)
2021-04-23T21:30:00.111.+00:00 SRX-HOSTNAME RT_FLOW - RT_FLOW_SESSION_CREATE [junos@~~~
But on the log file, I only got
Apr 23 21:30:00 SRX-HOSTNAME RT_FLOW
I thought wrong templates was applied, so added following
$template srxlog,"%msg%\n"
:&fromhost-ip, isequal, SRX-IP, /var/log/SRX-HOSTNAME.log
But result was empty lines were logged on the file.
Does anyone help this situation?
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
I encountered strange behavior that rsyslog truncates message after "-".
The log message sent from Juniper SRX firewall is like this. (I confirmed it with tcpdump)
2021-04-23T21:30:00.111.+00:00 SRX-HOSTNAME RT_FLOW - RT_FLOW_SESSION_CREATE [junos@~~~
But on the log file, I only got
Apr 23 21:30:00 SRX-HOSTNAME RT_FLOW
I thought wrong templates was applied, so added following
$template srxlog,"%msg%\n"
:&fromhost-ip, isequal, SRX-IP, /var/log/SRX-HOSTNAME.log
But result was empty lines were logged on the file.
Does anyone help this situation?
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.