Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing ProcessID #94

Open
rubenszolt opened this issue May 13, 2023 · 4 comments
Open

Missing ProcessID #94

rubenszolt opened this issue May 13, 2023 · 4 comments

Comments

@rubenszolt
Copy link

Running Latest version of LogAnalyzer: Version 4.1.13 and ProcessID field is missing.
image
@alorbach
Copy link
Member

alorbach commented Jun 2, 2023

Looks like the syslog format you have is not fully parsed correctly.
Could you show a few sample log lines ?

@rubenszolt
Copy link
Author

rubenszolt commented Jun 4, 2023
edited
Loading

The server is an Debian GNU/Linux 11 (bullseye) base install

Jun 4 18:00:39 syslog systemd[1]: Created slice User Slice of UID 0.
Jun 4 18:00:39 syslog systemd[1]: Starting User Runtime Directory /run/user/0...
Jun 4 18:00:39 syslog systemd[1]: Finished User Runtime Directory /run/user/0.
Jun 4 18:00:39 syslog systemd[1]: Starting User Manager for UID 0...
Jun 4 18:00:39 syslog systemd[238016]: Queued start job for default target Main User Target.
Jun 4 18:00:39 syslog systemd[238016]: Created slice User Application Slice.
Jun 4 18:00:39 syslog systemd[238016]: Reached target Paths.
Jun 4 18:00:39 syslog systemd[238016]: Reached target Timers.
Jun 4 18:00:39 syslog systemd[238016]: Listening on GnuPG network certificate management daemon.
Jun 4 18:00:39 syslog systemd[238016]: Listening on GnuPG cryptographic agent and passphrase cache (access for web browsers).
Jun 4 18:00:39 syslog systemd[238016]: Listening on GnuPG cryptographic agent and passphrase cache (restricted).
Jun 4 18:00:39 syslog systemd[238016]: Listening on GnuPG cryptographic agent (ssh-agent emulation).
Jun 4 18:00:39 syslog systemd[238016]: Listening on GnuPG cryptographic agent and passphrase cache.
Jun 4 18:00:39 syslog systemd[238016]: Reached target Sockets.
Jun 4 18:00:39 syslog systemd[238016]: Reached target Basic System.
Jun 4 18:00:39 syslog systemd[1]: Started User Manager for UID 0.
Jun 4 18:00:39 syslog systemd[1]: Started Session 4092 of user root.
Jun 4 18:00:39 syslog systemd[238016]: Reached target Main User Target.
Jun 4 18:00:39 syslog systemd[238016]: Startup finished in 88ms.
Jun 4 18:00:43 syslog postfix/smtpd[238045]: connect from localhost[127.0.0.1]
Jun 4 18:00:43 syslog postfix/smtpd[238045]: 0A71F9B57: client=localhost[127.0.0.1]
Jun 4 18:00:43 syslog postfix/cleanup[238048]: 0A71F9B57: message-id=[email protected]
Jun 4 18:00:43 syslog postfix/qmgr[577]: 0A71F9B57: from=[email protected], size=773, nrcpt=1 (queue active)
Jun 4 18:00:43 syslog postfix/smtpd[238045]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5

@ponasromas
Copy link

Any solution?

@snuggles4553
Copy link

If you're using the rsyslog mysql (ommysql) plugin, this may apply: the plugin doesn't appear to log the ProcessID. So it's perhaps a missing feature that should be implemented in the rsyslog ommysql plugin, in which case loganalyzer itself can't do anything about it. The official rsyslog source code includes the code for the ommysql plugin, and also a createDB.sql file to setup a monitorware SystemEvents database. You can see in that sql file that there is no ProcessID column either.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@alorbach @rubenszolt @ponasromas @snuggles4553