1 Reply Latest reply: Sep 19, 2012 3:31 AM by abrante RSS

    Howto to get the year timestamp in syslog and logadm files

    962201
      5.10 Generic_141414-10 sun4u sparc

      Howto to get the year timestamp in syslog and logadm

      We have to keep logs files for a long time, I was exploring logs in /var/adm/secure and noticed that log files over a year old did not have a year time stamp, they are in this format:

      Nov 12 09:09:16

      And on the face of it. /varlog/syslog is the same, I thought no problem, there will be something in syslog.conf or logadm.conf I change and it will be fixed, but I cannot find any options to change this, how do I get the year in my log files?

      The "date" command does output the year:

      Friday, September 14, 2012  7:57:36 AM
        • 1. Re: Howto to get the year timestamp in syslog and logadm files
          abrante
          My guess is that the fields in a message logged by syslog are fixed, so you can't add a field to it.

          The reason for this is simply that there might be other applications parsing your syslog messages, or there might be other systems syslogging to your system, and that would break if you would add fields.

          The easiest workaround is probably to keep better track of your logs by either implementing an annual rotation of them from crontab, or log the date using the "logger" command on a regular basis.

          A third option would be to look at syslog-ng or rsyslog, which is more flexible when it comes to storing logs, and among other things can store them into a SQL db..

          .7/M.