linux - How to rewrite timestamp in syslog-ng -
i'm trying figure out how rewrite timestamp being sent me cisco, can forward on parser.
it nice perform rewrite in syslog-ng (where collecting logs), when both write-to-disk, , when send out there, timestamps in nice iso format.
currently, timestamps in 2016 nov 17 13:13:13 utc format. want rewrite them simple iso08601 format (yyyy-mm-ddthh:mm:ssutc).
i understand how use templates parse out info, , simple rewrite except month coming in. don't know how syslog-ng translate 'nov' '11'.
anyone know of tricks?
Comments
Post a Comment