Activity Feed
- Posted Re: Getting two time stamps in a syslog entry - how to correct on Getting Data In. 10-21-2015 11:29 AM
- Posted Getting two time stamps in a syslog entry - how to correct on Getting Data In. 10-21-2015 11:05 AM
- Tagged Getting two time stamps in a syslog entry - how to correct on Getting Data In. 10-21-2015 11:05 AM
- Tagged Getting two time stamps in a syslog entry - how to correct on Getting Data In. 10-21-2015 11:05 AM
- Tagged Getting two time stamps in a syslog entry - how to correct on Getting Data In. 10-21-2015 11:05 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 |
10-21-2015
11:29 AM
Heya.
Just was looking at that. Here is what is currently set in rsyslog.conf:
$ActionFileDefaultTemplate RSYSLOG_FileFormat
Just started to dig into the rsyslog guides to find out some more, see if i can resolve this.
... View more
10-21-2015
11:05 AM
Hey all.
Trying to figure out how to clear up my issue. I'm getting two separate time stamps on a syslog entry coming from a Linux box.
As you can see below, it is sending over the FQDN and short name as well.
Oct 21 10:49:53 hyperion.btlab.test Oct 21 13:49:53 hyperion su: pam_unix(su-l:session): session opened for use
Digging around, this looks to be a syslog (using rsyslog) setup.
Here is my line in rsyslog.conf
authpriv.* @prometheus:514
Pretty straight forward, but scratching my head as to why it is being sent over like that.
... View more
