and everything that's in /var/log is getting parsed awesomely. Now I'm seeing that Serviio uses a different log pattern:
2022-04-06T15:44:57,701 INFO [PlaylistMaintainerWorker] Started looking for playlist changes
And Plex as well:
Apr 01, 2022 22:33:31.142 [0x7fb0bcb3bb38] INFO - Plex DLNA Server v1.25.8.5663-e071c3d62 - Debian GNU/Linux PC x86_64 - build: linux-x86_64 - GMT 02:00
I’m scratching my head and can’t find anything relevant on Google. What I found out is that you can write your own rsyslogd templates. But I’m quite sure that the formats that I've shown you are “standardized”, aren’t they? If so, can someone give me a hint what they’re called and where I can find a list of them?
From what I see, both can use Syslog UDP/TCP inputs, and yes, they are standard.
For example, I have two formats of logs:
Apr 6 16:51:05 graylog kernel: DROP INPUT: IN= WINDOW=8212 RES=0x00 ACK PSH URGP=0
And
2022-04-06 14:52:49 some_server.domain.com DEBUG 5408 NT AUTHORITY\SYSTEM [API] s_ApiCreateKey(Dedup)
Both of these can use Syslog UDP/TCP inputs.
If you're looking to enhance your messages, it's possible to use GELF inputs, but be aware this format will create a lot of fields. Of course, you may need to send those logs in GELF format instead of Syslog format. Most if not all log shippers have modules/templates to accomplish this.
Example for the Nxlog log shipper; this is for GELF format using TCP/TLS.
To sum it up, if you're satisfied with what you have now, I would stick with the Syslog UDP/TCP inputs that are working for you. You may want to look into separating your devices onto different inputs, just a suggestion. This way, if you need to add a field to a specific device's logs to execute a better search without affecting the devices' log format, or just to see all the logs from just switches, Windows servers, etc., you can do that, and again, just a suggestion.
You also have the option of using Raw/Plaintext inputs. This works for almost anything that can send logs. It's kind of my go-to input for unique devices.
What could/should be done all depends on what your objective is.
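When lines like the Serviio and Plex samples arrive through a Raw/Plaintext input, nothing splits them into fields for you. The following is an added example, not code from either poster or from Graylog: a small Python parser for the two formats quoted in the question. The field names and the `parse_line` helper are assumptions made for this illustration.

```python
import re
from datetime import datetime

# Sample lines copied from the question in this thread.
SERVIIO = ("2022-04-06T15:44:57,701 INFO [PlaylistMaintainerWorker] "
           "Started looking for playlist changes")
PLEX = ("Apr 01, 2022 22:33:31.142 [0x7fb0bcb3bb38] INFO - Plex DLNA Server "
        "v1.25.8.5663-e071c3d62 - Debian GNU/Linux PC x86_64 - "
        "build: linux-x86_64 - GMT 02:00")

# (label, line pattern, strptime format). Labels and field names are
# hypothetical, chosen for this example only.
FORMATS = [
    ("serviio",
     re.compile(r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d,\d{3}) "
                r"(?P<level>[A-Z]+)\s+\[(?P<tag>[^\]]+)\] (?P<message>.*)$"),
     "%Y-%m-%dT%H:%M:%S,%f"),
    ("plex",
     re.compile(r"^(?P<ts>[A-Z][a-z]{2} \d\d, \d{4} \d\d:\d\d:\d\d\.\d{3}) "
                r"\[(?P<tag>0x[0-9a-f]+)\] (?P<level>[A-Z]+) - (?P<message>.*)$"),
     "%b %d, %Y %H:%M:%S.%f"),
]

def parse_line(line):
    """Return normalized fields, or None when no known format matches.

    Returning None (instead of guessing) lets the caller keep the raw
    line, so unexpected input is never silently mis-parsed or dropped.
    """
    line = line.rstrip("\r\n")
    for label, pattern, ts_format in FORMATS:
        m = pattern.match(line)
        if not m:
            continue
        try:
            ts = datetime.strptime(m["ts"], ts_format)
        except ValueError:  # shape matched but the date is invalid
            continue
        return {
            "format": label,
            # Neither format carries a UTC offset, so this is naive local time.
            "timestamp": ts.isoformat(timespec="milliseconds"),
            "level": m["level"],
            "tag": m["tag"],
            "message": m["message"],
        }
    return None

if __name__ == "__main__":
    for sample in (SERVIIO, PLEX):
        print(parse_line(sample))
```

Because neither timestamp includes an offset, the time zone has to be supplied by whatever ingests the parsed result.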