  1. OpenNMS
  2. NMS-5436

Default syslogd filter is not syslog default format

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 1.10.2
    • Fix Version/s: Backlog
    • Security Level: Default (Default Security Scheme)
    • Labels:
      None

      Description

      Hello,

      The default forwarding-regexp is:

      forwarding-regexp="^.*\s(19|20)\d\d([-/.])(0[1-9]|1[012])\2(0[1-9]|[12][0-9]|3[01])(\s+)(\S+)(\s)(\S.+)"

      However, this only matches messages that contain the format YYYY-MM-DD. The default syslog format is
      more like this:

      Jul 18 17:41:10 gwvlan-producao 56455: Jul 18 20:41:09.766: %SEC-6-IPACCESSLOGP: list gray-to-4 denied tcp 10.9.1.65(2496) (Vlan1000 0016.3e4c.d69d) -> 10.48.200.10(55807), 1 packet

      Please use a broader expression as the default filter, like:

      forwarding-regexp="^((.+?) (.*))\r?\n?$"

      http://www.opennms.org/wiki/Syslogd
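
The following is an added example, not part of the original report or of OpenNMS: it runs the two patterns quoted above against the report's sample line and against a constructed line carrying a YYYY-MM-DD date, and returns the capture groups. It uses Python's `re` with `search()` rather than the Java regex engine OpenNMS runs on (assumed to agree for these inputs); `probe`, `coverage` and `DATED_LINE` are names and data made up for this illustration.

```python
import re

# Patterns copied verbatim from the report.
DEFAULT_RE = re.compile(
    r"^.*\s(19|20)\d\d([-/.])(0[1-9]|1[012])\2(0[1-9]|[12][0-9]|3[01])"
    r"(\s+)(\S+)(\s)(\S.+)"
)
BROAD_RE = re.compile(r"^((.+?) (.*))\r?\n?$")

# Sample line from the report (BSD-style "Mmm dd hh:mm:ss" timestamp).
BSD_LINE = (
    "Jul 18 17:41:10 gwvlan-producao 56455: Jul 18 20:41:09.766: "
    "%SEC-6-IPACCESSLOGP: list gray-to-4 denied tcp 10.9.1.65(2496) "
    "(Vlan1000 0016.3e4c.d69d) -> 10.48.200.10(55807), 1 packet"
)

# Constructed line with a YYYY-MM-DD date, the shape the default pattern expects.
DATED_LINE = "<6> 2012-07-18 gwvlan-producao list gray-to-4 denied tcp"


def probe(pattern, line):
    """Return the tuple of capture groups, or None when the line does not match."""
    m = pattern.search(line)
    return m.groups() if m else None


def coverage(pattern, lines):
    """Split lines into (matched, unmatched) so silent non-matches become visible."""
    matched = [line for line in lines if pattern.search(line)]
    unmatched = [line for line in lines if not pattern.search(line)]
    return matched, unmatched


if __name__ == "__main__":
    for name, pattern in (("default", DEFAULT_RE), ("broad", BROAD_RE)):
        for label, line in (("bsd", BSD_LINE), ("dated", DATED_LINE)):
            print(name, label, probe(pattern, line))
```

On the report's sample line the broad pattern matches, but its lazy second group captures only `Jul`, so check which capture groups your configuration reads as host and message before adopting it.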

              People

              Assignee:
              Unassigned
              Reporter:
              luizluca@gmail.com Luiz Angelo Daros de Luca
              Votes:
              1
              Watchers:
              3

                  Time Tracking

                  Estimated:
                  Original Estimate - 1 hour
                  Remaining:
                  Remaining Estimate - 1 hour
                  Logged:
                  Time Spent - Not Specified