HPE Community
Operating System - HP-UX
1753774 Members
7174 Online
108799 Solutions
New Discussion

Re: SYSLOG Format

 
Jason Shannon
Occasional Advisor

‎09-09-2009 03:04 AM

‎09-09-2009 03:04 AM

SYSLOG Format

Hello

Does anyone know if a mechanism exists which would allow me to change the format of the information being written to syslog?

I'm really interested in the actual date format to see if I can include a year. Ideally I'd like each entry prefixed with a date in the format DD MON YYYY e.g. 09 SEP 2009.

Thanks

Jason
0 Kudos
Reply
3 REPLIES 3
Hakki Aydin Ucar
Honored Contributor

‎09-09-2009 03:52 AM

‎09-09-2009 03:52 AM

Re: SYSLOG Format

/etc/syslog.conf configuration file allows the system administrator to specify where
the various systemsâ processes messages will get sent.

But not sure you can play the format and not necessary, just use a cronjob ; put a wrapper just periodically generate another file in another format from source /var/adm/syslog file as file convertor.
0 Kudos
Reply
Rita C Workman
Honored Contributor

‎09-09-2009 04:13 AM

‎09-09-2009 04:13 AM

Re: SYSLOG Format

I've never tried it, but take a look at:

man logger

It says...logger command provdes a program interface to the syslog() system log module.

Rgrds,
Rita
0 Kudos
Reply
Bill Hassell
Honored Contributor

‎09-09-2009 10:01 AM

‎09-09-2009 10:01 AM

Re: SYSLOG Format

Most syslog files are far too big to keep for more than a year. The format is fixed because syslog is a standard across multiple platforms (your syslog file does not have to be kept on your server). I would schedule your log rotation script to run at 0000 hours and check for a new year. Then use awk to read the old file and create a new one with the year added.

Personally, I do not like log dates with month names as they are painful to sort and compare. If I needed to search multiple logs over several years, I would convert the date to YYYYMMDD.HHMMSS (as in 20090909.140522) which will be easy to sort, especially across year end boundaries.


Bill Hassell, sysadmin
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.