syslog report
Wytze van der Raay
wytze at nlnet.nl
Thu Jul 3 08:52:08 CEST 2003
On Fri, Apr 18, 2003 at 02:04:01PM +0200, Matthieu COUVRAND wrote:
> I would like to make a report about my syslog file but lr_log2report (with the command : lr_log2report -o html -i combined < syslog.log > syslog.tar) can't parse my syslog file.
>
> I have got that king of errors :
>
> all combined lr_tag-20030418123623-4789 combined2dlf notice cannot convert line 1620 "Apr 17 09:00:38 srvtelesvc nagios: HOST NOTIFICATION: toto;Nomade443;DOWN;host-notify-by-email;CRITICAL - Plugin timed out after 10 seconds " to www dlf, skipping
> all combined lr_tag-20030418123623-4789 combined2dlf warning parse_common invalid CLF line 'Apr 17 09:00:58 srvtelesvc nagios: HOST NOTIFICATION: toto;rtrBdx;DOWN;host-notify-by-email;CRITICAL - Plugin timed out after 10 seconds '
>
>
> It seems that lr_log2report try to analyse my file as it was an access_log (apache).
It does indeed what you told it to do by specifying "combined" as
the dlf converter, i.e. interpret the logfile as a web server
logfile in the "combined" format.
> Is there somebody who know how parsing my syslog (Mandrake 9.0)
If you want a report on the events in your syslog file (events from
many different services), you can use the "syslog" converter, e.g.:
lr_run lr_log2report -o html -i syslog < syslog.log > syslog.tar
Hope this helps ...
-- wytze
--
To UNSUBSCRIBE, email to questions-request at logreport.org with a subject of
"unsubscribe". Trouble? Send an email with subject "help" to
questions-request at logreport.org
More information about the Questions
mailing list