Actions
Bug #8077
closed
Filterlog format does not match documentation or RFC spec
Status:
Not a Bug
Priority:
Low
Assignee:
-
Category:
Logging
Target version:
-
Start date:
11/09/2017
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
Description
The documentation of the filterlog format indicates that the format of syslog messages will be:
<Timestamp> <Hostname> filterlog: <CSV data>
Actual messages received look like this:
<134>Nov 9 21:55:09 filterlog: 218,,,1433092534,pppoe2,match,block,in,4,0x0,,57,34698,0,none,6,tcp,40,141.1.1.1,8.8.8.8,25911,23,0,S,1380209254,,39383,,
Ideally from a log collection perspective, the message format should be updated to follow the documentation and include the hostname. Alternatively, the documentation could be updated to accurately reflect the format of messages as they are at present.
Updated by 
Updated by
Actions