I have configured a syslog server in PRTG. The Message field has a lot of information which is only partially visible. Is there any way to see the complete information in the message or to make that field bigger. Please help out.
Thank you Azim
Article Comments
How long is the actual message? Is it shown in full length when you're inspecting it via browser?
Jul, 2016 - Permalink
I am using the default browser and I have configure a syslog server in PRTG for our Cisco WLC. When I click on the syslog server I see a lot of fields starting with NAME/DATE, Source, Message, Hostname, Timestamp, severity etc. The message field is what I am interested in. The field has a lot of information and I feel it is not displaying the entire information as I am interested in the Mac address which seems to be getting cut off. I just want to be able to see the entire field. Is there any way to expand the MESSAGE field?
Jul, 2016 - Permalink
I need to know how long the actual message is (or at least what you see) ... could you put it on pastebin or something like that? As of right now, there's no way of expanding the window.
Jul, 2016 - Permalink
Also, this is what I see in the message field. I see a lot of these message. I am just copying from one field.
Cisco WLAN CONTROLLER: *sisfSwitcherTask: Jul 07 18:13:49.599: #SISF-6-ENTRY_DELETED:sisf_shim_utils.c:483 Entry deleted A=fe80:7c0f:856e:aa63:1905 V=0 I=wired:1 P=0000 M=
So as you see after M= there should be the MAC address of the device for which it is collecting the information.
I have configured a syslog server for a Cisco WLC which is handing out IP address using DHCP so I need to be able to record all the MAC address that were allocated an IP address by the CISCO WLC.
Regards Azim
Jul, 2016 - Permalink
You can post screenshots using imgur.com and
{{<url>|<title>}}
Once a screenshot is provided, we can probably tell more.
Jul, 2016 - Permalink
Please check the link http://imgur.com/HpCAL6k
Under Post Options -- Download Image
Jul, 2016 - Permalink
Can you check with wireshark if the message indeed does contain a mac address? Because it should be there...
Jul, 2016 - Permalink
Can you check with wireshark if the message indeed does contain a mac address? Because it should be there...
Sorry, how can I use wireshark to check that particular message? Does Wireshark do live monitoring. Thank you for helping us out.
Jul, 2016 - Permalink
https://www.youtube.com/watch?v=6X5TwvGXHP0 - Simply start the capture, let the cisco drop some messages and filter for host <ip-of-your-cisco-appliance> :)
Jul, 2016 - Permalink
I did and in 10 mins it captured like 3000 packets for that particular IP. And it does not have time stamp unless you look into individual packets. PRTG makes it easy to see the information however the message field is not displaying the complete information. I would like to be able to do that. Please let us know how can we do that. Thank you.
Jul, 2016 - Permalink
you can also add udp.port==514 as a filter, so you'll just see the syslog messages. From what I can tell, the message is simply cut off there...
Jul, 2016 - Permalink
Can anyone please respond as its frustrating because I know the information is present in the MESSAGE field but because I cannot expand it I cannot see the information. Why can we not enlarge the MESSAGE field by just dragging it. Why has this feature not implemented? Thank you.
Jul, 2016 - Permalink