Version 3.7.4-1 of cb-event-forwarder only logs numbers when configured to syslog
Example:
06 21 2021 14:02:41 redacted_ip <KERN:INFO> 2021-06-21T14:02:41+01:00 redacted_hostname /usr/share/cb/integrations/event-forwarder/cb-event-forwarder[19675]: 0
Most of the logs just contain 0 however some are higher:
06 21 2021 13:51:36 redacted_ip <KERN:INFO> 2021-06-21T13:51:36+01:00 redacted_hostname /usr/share/cb/integrations/event-forwarder/cb-event-forwarder[31640]: 26
The issue is resolved by downgrading to 3.7.3-1.
I haven't tested for the issue on EL6 or EL8.
The Event Forwarder config was default settings on Events, with output set to syslog to UDP on port 514, LEEF format.
Version 3.7.4-1 of cb-event-forwarder only logs numbers when configured to syslog
Example:
06 21 2021 14:02:41 redacted_ip <KERN:INFO> 2021-06-21T14:02:41+01:00 redacted_hostname /usr/share/cb/integrations/event-forwarder/cb-event-forwarder[19675]: 0Most of the logs just contain 0 however some are higher:
06 21 2021 13:51:36 redacted_ip <KERN:INFO> 2021-06-21T13:51:36+01:00 redacted_hostname /usr/share/cb/integrations/event-forwarder/cb-event-forwarder[31640]: 26The issue is resolved by downgrading to 3.7.3-1.
I haven't tested for the issue on EL6 or EL8.
The Event Forwarder config was default settings on Events, with output set to syslog to UDP on port 514, LEEF format.