Hi, all.

 

After dist upgrade from Ubuntu 12.04 to 14.04 syslog messages from cisco IOS devices became empty. There is a similar thread/bug:

 

http://jira.observium.org/browse/OBSERVIUM-850

http://postman.memetic.org/pipermail/observium/2014-August/007527.html

 

We’ve managed to work around it by changing:

 

template ("$HOST||$FACILITY||$PRIORITY||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||$MSG||$PROGRAM\n")

 

to:

 

template ("$HOST||$FACILITY||$PRIORITY||$LEVEL||$TAG||$YEAR-$MONTH-$DAY $HOUR:$MIN:$SEC||:: : :: $MSG||$PROGRAM\n")

 

in syslog config.

 

For the developers: it happened after update of syslog/php to 3.5.3-1 [@9695e81] / PHP 5.5.9-1ubuntu4.3 from whatever was current on Ubuntu 12.04 LTS , worked fine before that.

 

Also, the data examplesyslog sends to the script is:

 

10.x.x.x||local7||notice||notice||bd||2014-08-19 20:21:10||%SYS-5-CONFIG_I: Configured from console by xx on vty3 (10.x.x.xx)||BST

 

Hope this helps!

Pav