LogAnalysis
[logs] syslog-ng windows agent question Oct 21 2008 08:05PM
Patrick Hull (nethead69 gmail com)
We are evaluating some options/products for sending Windows event and
other logs to our
syslog-ng servers. When running the Windows syslog-ng agent, we are
seeing 2 issues:
- Multiple events per line are being generated from the windows agent,
lines are terminated,
and continued on the next line. We would like to see one event per line.
- We are seeing most lines contain a chunk of HEX characters
(<EF><BB><BF>) that are
aparently UTF-8 byte order marks.

Has anyone experienced this with logs generated from the syslog-ng
windows agent, and is
there a way to filter these out? We are running a pretty old
syslog-ng (1.6.7) on our collector,
so perhaps this might be the issue?

Any ideas would be welcome...

thanks!
-pat.
_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus