Discussion:
[stunnel-users] Fwd: Stunnel log file format
(too old to reply)
Jesús Alfredo Cambera
2016-01-12 14:58:15 UTC
Permalink
Hi everybody,

I'm pretty new on stunnel and I'm still learning a lot through the
documentation. One of the tasks that i need to accomplish is to consolidate
all the log information using logstash and ELK. So far I had managed to
figure out most of the log file format. Here is an example of my log file

2013.01.11 11:26:35 LOG5[13520:140223486400256]: stunnel3 accepted
connection from 127.0.0.1:45939
2013.01.11 11:26:35 LOG6[13520:140223486400256]: connect_blocking:
connecting 123.4.5.6:9130
2013.01.11 11:26:35 LOG5[13520:140223486498560]: connect_blocking:
connected 7.8.9.10:9130

The first two fields are date and hour but I don't understand what do the
next field means (LOG5, LOG6). Next is the pid, but I don't know anything
about the next field. The last one is the error explanation.

Is there documentation about log file format? I'd really appreciate your
help.

Greetings from Venezuela,


Alfredo
Ludolf Holzheid
2016-01-12 15:34:29 UTC
Permalink
Post by Jesús Alfredo Cambera
Hi everybody,
I'm pretty new on stunnel and I'm still learning a lot through the
documentation. One of the tasks that i need to accomplish is to consolidate
all the log information using logstash and ELK. So far I had managed to
figure out most of the log file format. Here is an example of my log file
2013.01.11 11:26:35 LOG5[13520:140223486400256]: stunnel3 accepted
connection from 127.0.0.1:45939
connecting 123.4.5.6:9130
connected 7.8.9.10:9130
The first two fields are date and hour but I don't understand what do the
next field means (LOG5, LOG6). Next is the pid, but I don't know anything
about the next field. The last one is the error explanation.
Hi Alfredo,

The missing fields are log level and thread ID.

HTH,

Ludolf
Post by Jesús Alfredo Cambera
_______________________________________________
stunnel-users mailing list
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
--
Ludolf Holzheid
 
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
 
Tel: +49 621 33996-0
Fax: +49 621 3392239
 
mailto:***@bihl-wiedemann.de
http://www.bihl-wiedemann.de
 
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
Ludolf Holzheid
2016-01-12 17:10:24 UTC
Permalink
Hello Ludof,
Thanks for answering so fast. I think this information would be really
useful for other users. I'd would be great if it could be included the the
manual page (https://www.stunnel.org/static/stunnel.html).
I had just completed the logstash filters but still I have one last
question: What do the log levels correspond to: error, warning, info?
Hi Alfredo,

always answer to the list, so others may read along and/or chime in.
Level is a one of the syslog level names or numbers emerg (0), alert (1), crit (2),
err (3), warning (4), notice (5), info (6), or debug (7). All logs for the specified
level and all levels numerically less than it will be shown. Use debug = debug or
debug = 7 for greatest debugging output. The default is notice (5).
This seems to perfectly match the 'conventional meaning of the log
level' used for most POSIX system log daemons (e.g. the linux
syslogd).

I don't know how significant the level /names/ actually are - Maybe
all you can read from this is that level 0 gives the fewest and level
7 gives the most messages.

Ludolf
--
Ludolf Holzheid
 
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
 
Tel: +49 621 33996-0
Fax: +49 621 3392239
 
mailto:***@bihl-wiedemann.de
http://www.bihl-wiedemann.de
 
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
Jesús Alfredo Cambera
2016-01-12 18:39:05 UTC
Permalink
Thanks again for your time. That's exactly what I was looking for,


Greetings,

Alfredo

On Tue, Jan 12, 2016 at 12:40 PM, Ludolf Holzheid <
Post by Ludolf Holzheid
Hello Ludof,
Thanks for answering so fast. I think this information would be really
useful for other users. I'd would be great if it could be included the
the
manual page (https://www.stunnel.org/static/stunnel.html).
I had just completed the logstash filters but still I have one last
question: What do the log levels correspond to: error, warning, info?
Hi Alfredo,
always answer to the list, so others may read along and/or chime in.
Level is a one of the syslog level names or numbers emerg (0), alert
(1), crit (2),
err (3), warning (4), notice (5), info (6), or debug (7). All logs for
the specified
level and all levels numerically less than it will be shown. Use debug
= debug or
debug = 7 for greatest debugging output. The default is notice (5).
This seems to perfectly match the 'conventional meaning of the log
level' used for most POSIX system log daemons (e.g. the linux
syslogd).
I don't know how significant the level /names/ actually are - Maybe
all you can read from this is that level 0 gives the fewest and level
7 gives the most messages.
Ludolf
--
Ludolf Holzheid
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
GeschÀftsfÌhrer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
Loading...