Mailing List Archive: rsyslog parser ciscoiospm

Hi all,

I've been a happy rsyslog user over the years, so thank you developers for
dedicating your time on this project :-)

Over the past months we've been centralizing our infrastructure logging to
a central syslog server running an updated rocky linux 8 and
rsyslog-8.2102.0-13.el8.src.rpm.

We've now started forwarding the output of c1sco routers and switches which
rendered a lot of garbled output.
There is a parser module that accounts for this behavior [0], but it seems
that it's not currently being built in the rpm[1].

Is it a packager's decision?

I've also noted that the online documentation states that the module is
supported starting on version 8.3.4+ which does not seem to have been
released. Is this a typo?

Thank you for your support.
Best,
Pedro

0 -
https://rsyslog.readthedocs.io/en/stable/configuration/modules/pmciscoios.html
1 -
https://git.rockylinux.org/staging/rpms/rsyslog/-/blob/r8/SPECS/rsyslog.spec
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.

On Wed, 6 Sep 2023, Pedro Caetano via rsyslog wrote:

> Hi all,
>
> I've been a happy rsyslog user over the years, so thank you developers for
> dedicating your time on this project :-)
>
> Over the past months we've been centralizing our infrastructure logging to
> a central syslog server running an updated rocky linux 8 and
> rsyslog-8.2102.0-13.el8.src.rpm.
>
> We've now started forwarding the output of c1sco routers and switches which
> rendered a lot of garbled output.
> There is a parser module that accounts for this behavior [0], but it seems
> that it's not currently being built in the rpm[1].
>
> Is it a packager's decision?

yes, that is a packager's decision, check for rsyslog-* packages, they may have
made a separate package for it.

> I've also noted that the online documentation states that the module is
> supported starting on version 8.3.4+ which does not seem to have been
> released. Is this a typo?

8.3 is a very old release, we started the 8.x series with normal numbering (8.1,
8.2, etc) but around 8.36 we shifted to the date based versions (8.YY.MM)

if 8.3.4 wasn't released, then it was first in 8.4.0 but the details of that are
a long time ago and not worth digging up :-)

I wrote that module because I had to deal with cisco logs, the code aint pretty
but it works :-)

David Lang

> Thank you for your support.
> Best,
> Pedro
>
> 0 -
> https://rsyslog.readthedocs.io/en/stable/configuration/modules/pmciscoios.html
> 1 -
> https://git.rockylinux.org/staging/rpms/rsyslog/-/blob/r8/SPECS/rsyslog.spec
> _______________________________________________
> rsyslog mailing list
> https://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/
> What's up with rsyslog? Follow https://twitter.com/rgerhards
> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
>
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.