You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@flume.apache.org by "Jeff Lord (JIRA)" <ji...@apache.org> on 2013/09/24 19:44:07 UTC

[jira] [Assigned] (FLUME-1666) Syslog source strips timestamp and hostname from log message body

     [ https://issues.apache.org/jira/browse/FLUME-1666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jeff Lord reassigned FLUME-1666:
--------------------------------

    Assignee: Jeff Lord
    
> Syslog source strips timestamp and hostname from log message body
> -----------------------------------------------------------------
>
>                 Key: FLUME-1666
>                 URL: https://issues.apache.org/jira/browse/FLUME-1666
>             Project: Flume
>          Issue Type: Bug
>          Components: Sinks+Sources
>    Affects Versions: v1.2.0, v1.3.0
>         Environment: This occurs with Flume all the way up through 1.3.0.
>            Reporter: Josh West
>            Assignee: Jeff Lord
>         Attachments: FLUME-1666-SyslogTextSerializer.patch
>
>
> The syslog source parses incoming syslog messages.  In the process, it strips the timestamp and hostname from each log message, and places them as Event headers.
> Thus, a syslog message that would normally look like so (when written via rsyslog or syslogd):
> {noformat}
> Wed Oct 24 09:18:01 UTC 2012 someserver /USR/SBIN/CRON[26981]: (root) CMD (/usr/local/sbin/somescript)
> {noformat}
> Appears in flume output as:
> {noformat}
> /USR/SBIN/CRON[26981]: (root) CMD (/usr/local/sbin/somescript)
> {noformat}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira