I'm looking at ways to get high precision (with fractions of seconds) timestamps out of nxlog. If application provides these, it's of course easy to get this data into nxlog, but it's not easy to get it out - strftime function you can format timestamps with doesn't support fractions of seconds. Am I right?
It's even more problematic if application doesn't provide high precision timestamps - which is the case with most of unix programs using im_uds or all data from im_kernel for example. Even EventReceivedTime timestamp used in case of IETF syslog format isn't high precision.
Now, before anyone says that these wouldn't very precise timestamps anyway - that's not what I really care about. But as in the path to the log analysis events can be reordered (with redundant message brokers and stuff), it is critical to have high precision timestamps so correct order of the messages can be restored.
Ideally I'd like to use BSD syslog with high precision timestamps, but in any way it seems to be impossible at the moment. Or am I overlooking something?