Closed sgzijl closed 11 years ago
On the osfamily RedHat the anacron messages result in _grokparsefailures, e.g.:
Mar 13 15:01:01 hostname run-parts(/etc/cron.hourly)[3036]: starting mcelog.cron
By changing PROG to DATA in the grok pattern the issue seem to be solved, without breaking anything else.
Perhaps it's worth changing it permanently in the syslog_pri cookbook recipe?
On the osfamily RedHat the anacron messages result in _grokparsefailures, e.g.:
Mar 13 15:01:01 hostname run-parts(/etc/cron.hourly)[3036]: starting mcelog.cron
By changing PROG to DATA in the grok pattern the issue seem to be solved, without breaking anything else.
Perhaps it's worth changing it permanently in the syslog_pri cookbook recipe?