magneticstain / Inquisition

An advanced and versatile open-source network anomaly detection platform
MIT License

Strip Formatting Characters From Raw Log Before Including in App Log #137

Closed magneticstain closed 5 years ago

magneticstain commented 5 years ago

During investigation of Issue #135, it was found that line breaks in the logs can be reflected in the application log files as well. These, and any other formatting characters like that, should be stripped out before writing it to the log.

magneticstain commented 5 years ago

Fixed:

2018-11-18 20:37:16,364 [ DEBUG ] [ lib.anatomize.Parser ] processing log [[[ Nov 18 20:37:14 lhr1inquisition01 sudo: pam_unix(sudo:session): session closed for user root ]]] using [ PARSER ID: 2 // NAME: parser_auth_log // READING FROM LOG FILE: /var/log/auth.log // OFFSET FILE: /opt/inquisition/tmp/2_parser_auth_log.offset // TOTAL LOGS PROCESSED: { 5 } ]
2018-11-18 20:37:16,364 [ DEBUG ] [ lib.anatomize.Parser ] POST-PROCESSED LOG [[[ Nov 18 20:37:14 lhr1inquisition01 sudo: pam_unix(sudo:session): session closed for user root ]]] using [ PARSER ID: 2 // NAME: parser_auth_log // READING FROM LOG FILE: /var/log/auth.log // OFFSET FILE: /opt/inquisition/tmp/2_parser_auth_log.offset // TOTAL LOGS PROCESSED: { 5 } ]
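
An added example, not part of the original thread and not Inquisition's own fix: one way to neutralize line breaks and other control characters in a raw log entry before it is interpolated into a Python `logging` message, so each raw entry stays on one application-log line. The function, filter and logger names and the sample entry are assumptions made for the illustration.

```python
import io
import logging
import re

# C0 controls (includes \n, \r, \t), DEL, C1 controls, and the Unicode line
# and paragraph separators: characters that can split or distort a log line.
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f-\x9f\u2028\u2029]")


def sanitize_for_log(raw: str, escape: bool = True) -> str:
    """Escape control characters as \\uXXXX, or delete them if escape=False."""
    if escape:
        return _CONTROL_CHARS.sub(lambda m: "\\u{:04x}".format(ord(m.group())), raw)
    return _CONTROL_CHARS.sub("", raw)


class ControlCharFilter(logging.Filter):
    """Sanitize string arguments before the record is formatted."""

    def filter(self, record: logging.LogRecord) -> bool:
        if isinstance(record.args, tuple):
            record.args = tuple(
                sanitize_for_log(a) if isinstance(a, str) else a for a in record.args
            )
        return True


def demo() -> str:
    """Log a constructed multi-line raw entry; return the text written."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    handler.setFormatter(logging.Formatter("[ %(levelname)s ] [ %(name)s ] %(message)s"))
    handler.addFilter(ControlCharFilter())
    logger = logging.getLogger("example.parser")  # hypothetical logger name
    logger.setLevel(logging.DEBUG)
    logger.propagate = False
    logger.addHandler(handler)
    # Constructed sample: a raw entry with an embedded and a trailing line break.
    raw = "Nov 18 20:37:14 host sudo: session closed\n\tcontinued text\r\n"
    logger.debug("processing log [[[ %s ]]]", raw)
    logger.removeHandler(handler)
    return stream.getvalue()


if __name__ == "__main__":
    print(demo(), end="")
```

Escaping keeps a visible trace that the source entry contained a line break; passing `escape=False` deletes the characters instead, which matches the "stripped out" wording in the issue.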