Attached is a UDS I have written for Axway Gateway, an enterprise FTP system. Our platform owner for this system wanted two alerts. excessives failed logins and a high number of connections. This UDS parses only these messages to meet that request.
I have also done some UDS on Axway. However, I encounter the following from the logs:
2008/09/05 13:42:49.893 High Security.Authentication.AuthenticationFailure Info(ByUser(/..\\../..\\../..\\../..\\../etc/passwd), Reason(Invalid userid or password for userid /..\\../..\\../..\\../..\\../etc/passwd))
Most of the events are single line...and every so often I get these multi-line events. Don't know that it is...I do know that I need to open up the log files in wordpad instead of notepad..So, I am kinda stuck on how to handle this issue.
Stoeck, how do you identify this one as Multi line event. I copied it in notepad and it seems to be going in single line. Do you have some samples of multiline events (and way to identify it). Need it for the testing of Next Gen UDS tool kit (EventSource Integrator).
Sr. Product Manager, enVision
Retrieving data ...