0

I'm writing some parsing logic for syslog-ng messages and am noticing that for many of the commands syslog-ng prepends a <[0-9]+> string to most of my messages.

Here is an example from me running sudo:

<85>Aug  2 09:42:09 sholsapp-ld sudo: sholsapp : TTY=pts/28 ; PWD=/home/sholsapp ; USER=root ; COMMAND=/bin/ls

What is the meaning/significance of the <85>?

gnucom
  • 197
  • 8
  • as Clayton answered, thats the priority+facility. But that shouldn't be showing up. What does your config for that (file) destination look like? You're not using a custom template or anything are you? – phemmer Aug 02 '12 at 17:10
  • No, just the config file that redhat linux provided when I did `yum install syslog-ng`. – gnucom Aug 02 '12 at 17:48

1 Answers1

2

That's the PRI. It is an 8bit number that indicates the severity and facility. More information is available HERE

Clayton Dukes
  • 444
  • 2
  • 9