cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About AkinBredailik

Meraki and Syslog-NG

by in Meraki Insight
‎08-05-2022 04:10 AM
‎08-05-2022 04:10 AM
I've been struggling epically to export legible logs from my Meraki devices to a server running Syslog-NG OSE 3.30. No matter what source driver I use on the server, I see errors like this (identifying details changed): May 28 15:56:23 syslog-ng[32734]: Error processing log message: <134>1>@< 1622231783.881009670 HOSTNAME1 flows allow src=10.1.1.1 dst=10.2.1.1 mac=BLAH protocol=icmp type=0 May 28 15:56:23 syslog-ng[32734]: Error processing log message: <134>1>@< 1622231783.857281611 HOSTNAME2 flows allow src=10.1.1.2 dst=10.2.1.2 mac=BLAH protocol=icmp type=0 Is this a Meraki compliance problem with RFC3164 or RFC5424? Or just a message formatting idiosyncrasy? Does it mean that I have to parse Meraki syslog messages specially on my Syslog-NG server with an XML file in patterndb? If so, can anyone point to an example of one that I can look at? Thanks! ... View more
© 2023 Meraki