|Subject:||Parse-Syslog function enhancement suggestion|
|Date:||Wed, 30 Jul 2008 15:55:44 +0900|
|From:||"Wu Tiecheng" <email@example.com>|
Hello, My name is Tiecheng Wu from IBM Japan. I am considering to implement Parse-Syslog on AIX server, but Parse::Syslog could not parser AIX format syslog log file As-Is. I developed a work-around for the issue, and would like to know if you can merge it back to the repository. Here is the situation and solution. 1. Issue From AIX 5.3, a new syslog format is adopted, which is different from the legacy syslogd format. Parse-Syslog can not handle it. Legacy : MMM DD HH:MM:SS node_name program[pid]: msg AIX original : MMM DD HH:MM:SS facility:level node_name program[pid]: msg As you can see, facility and level info is inserted between Data and NoteName fields. 2. Solution Please find attached for your review. 3. Environment OS : the issue occurs on IBM AIX 5.3 and AIX 6.1 Perl : v5.8.2 on both AIX 5.3, and AIX 6.1 Parse::Syslog : 1.10 4. Sample Log Jul 01 01:01:01 aix53 mark:info -- MARK -- Jul 01 01:01:01 aix53 daemon:notice bootpd: received short packet -- tiecheng
Message body is not shown because sender requested not to inline it.