This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is there a way to configure syslog do not split long log messages?

For now Sohpos UTM syslog splits long log messages.
Is there a way to  configure syslog do not split long log messages?
I'm shipping Sophos logs to my logstash server, which sends them to Elastic.
I'll prefer to not deal with multi-line messages parsing.


TIA, 

Vitaly



This thread was automatically locked due to age.
Parents
  • This has been discussed here before, Vitaly, and I suspect that Sachin will get the same story.  The 1000-character limit is hard-coded into the underlying software with too many dependencies, so there's very little appetite for modifying it.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Has anyone in tbis community developed scripts for handling complex multiline messages, especially the ones generated by WAF?

Reply Children
No Data