Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Axiv
New Contributor

null byte at the end of syslog lines

Hi,

I'm sending firewall logs via syslog to a server, where I process data and save it to a local database, but after the update from 6.2.7 to 6.2.8, I see that all lines ends with null byte unicode "u\0000" as if null was used as a separator instead of new line which prevent the script I'm using from transforming data, how can I fix this ?

1 REPLY 1
lol
Staff
Staff

Hello,

 

I see your post is from 2021-10-20 but I am replying anyway in the hope its going to be useful for you.


I would suggest to verify if the FortiGate really sends out syslog messages with a null byte at the end of the line.
For this create a network capture to analyze the raw data being sent via syslog.

 

If the FortiGate indeed sends a null byte instead of a proper carriage return then this could be a bug in the FortiOS code.

 

Please note that the FortiGate 6.2.x branch is out of engineering support meaning there will be no further bug fixes applied to the 6.2 code.
It is therefore recommended to upgrade to the latest 6.4 release instead which is 6.4.9
Short term you may want to upgrade to the latest 6.2.x release which is currently 6.2.10 to see if the issue got resolved in this branch.


Best Regards

Labels
Top Kudoed Authors