I have a system running rsyslog 8.24.0 with kernel that emits nuisance
warnings for USB devices. It's a known bug that won't be fixed right
away but is harmless otherwise.
The message appears this way in both /var/log/messages and /var/log/kern.log
2018-07-23T06:42:41.360097-07:00 mail kernel: [154672.876159]
WARN::dwc_otg_handle_mode_mismatch_intr:68: Mode Mismatch Interrupt:
currently in Host mode
I wanted to suppress this particular message from the kernel so I wrote
the following rule at the top of my config file:
if ($msg contains "dwc_otg_handle_mode_mismatch_intr" ) then {
stop
}
I've also tried it in the other format:
:msg, contains, "dwc_otg_handle_mode_mismatch_intr" stop
However, with either of those rules I still get an entry in the log that
looks similar to this:
2018-07-23T06:42:41.360170-07:00 mail kernel: [154672.876159]
(there's just a single space blank message after the timestamp)
I am able to trigger this warning manually so I am able to watch the
logs and see what is generated when I trigger it.
I don't understand why this particular rule behaves this way. I have a
rule that is slightly similar which redirects firewall messages to
another file and then stops:
:msg, contains, "iptables:" -/var/log/iptables.log
& stop
This one puts the messages in /var/log/iptables.log as expected and does
not populate messages or kern.log with blank lines.
I tried modifying this rule to fit the dwc_otg warning and redirect to
/dev/null but I still received blank lines in messages and kern.log.
I have generated debug output from rsyslog during one of these events if
that is desired.
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
