Technical Note: [Accelops KB] Problem - Why are syslog events parsed with Event Type = Unknown_EventType?
Description
Summary of Topic
You have syslog events from a device that AccelOps supports yet the Event Type is being assigned Unknown_EventType.
Solution Steps
Currently AO parsers require a PRID in the syslog header in order to be parsed correctly.
Example of a syslog event with a PRID:
Aug 22 12:31:07.418: %SYS-5-CONFIG_I: Configured from console by joeadmin on vty0 (10.10.10.10)
And here is how AO parses this event:
Example of a syslog event without a PRID:
<187>47258: Aug 22 12:31:07.418: %SYS-5-CONFIG_I: Configured from console by joeadmin on vty0 (10.10.10.10)
And here is how AO parses this event:
NOTE:
This will be optional starting in version 3.7.1.
Version Application
All < 3.7.1