Support additional syslog timestamp formats #868
Labels
analysis
ansible
bug
Something isn't working
documentation
Improvements or additions to documentation
enhancement
New feature or request
has-workaround
Bug with a workaround
Comments
jw3
added
bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The analyzer parses rfc3339 format timestamps from syslog entries. Depending on whether
RSYSLOG_FileFormatorRSYSLOG_TraditionalFileFormatis used the format will vary.Our playbooks set
RSYSLOG_FileFormatwhich produce 3339 entries, so the code is currently shaped around that. Expanding that to other potential formats is the gist of this issue.There may be other ways to configure the format, but this example proves enough that we need to look into support for other formats.
https://www.rsyslog.com/doc/v8-stable/configuration/templates.html#reserved-template-names
The text was updated successfully, but these errors were encountered: