Community discussions

MikroTik App
 
ColinSlater
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 59
Joined: Sun Sep 12, 2021 2:32 pm

Formatted Syslog Output

Sat Oct 29, 2022 10:58 am

Hi,
This may well be the stupidest question ever posted here... and if it is, my apologies.

Is it possible to define a log format?

I've written my own Syslog collector ages ago (small .NET application that runs as a windows service on one of our servers. It puts the log entries into an SQL Database. Was setup for our previous firewall, not a MikroTik. Worked extremely well, but the log format was a bit easier to write a parser for, as there were consistent delimiters with a basic format of [fieldName]=[value]).

Is it possible to do something like this with the MikroTik log somehow?
I think I'm right in saying that however the log is formatted, this will be sent as the MSG part of the Syslog transmission, so I guess it's the MikroTik log part that I need to look at, right?
Getting something like:
[FieldName]=[Value];[FieldName]=[Value]... 
would be absolutely ideal... not sure if I'm asking too much here though.

Thanks very much in advance.

Colin
 
User avatar
smyers119
Member Candidate
Member Candidate
Posts: 232
Joined: Sat Feb 27, 2021 8:16 pm
Location: USA

Re: Formatted Syslog Output

Mon Nov 07, 2022 6:55 pm

Syslog is a standard, and as such all messages no matter the vender should be in the same generalized format. See RFC 5424
Last edited by smyers119 on Mon Nov 07, 2022 7:11 pm, edited 1 time in total.
 
User avatar
smyers119
Member Candidate
Member Candidate
Posts: 232
Joined: Sat Feb 27, 2021 8:16 pm
Location: USA

Re: Formatted Syslog Output

Mon Nov 07, 2022 7:10 pm

there is also BSD syslog standard RFC3164 <--which mikrotik definitely supports (needs to be enabled)
 
User avatar
smyers119
Member Candidate
Member Candidate
Posts: 232
Joined: Sat Feb 27, 2021 8:16 pm
Location: USA

Re: Formatted Syslog Output

Mon Nov 07, 2022 11:15 pm

 
ColinSlater
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 59
Joined: Sun Sep 12, 2021 2:32 pm

Re: Formatted Syslog Output  [SOLVED]

Wed Nov 09, 2022 3:46 pm

I ended up re-writing my syslog listener such that it uses RegEx to pull out the various. It’s of the syslog messages that I, interested in… then it was super easy to get the format I wanted and I now have everything being logged to an SQL Database.

Who is online

Users browsing this forum: No registered users and 106 guests