[syslog-ng] Facility / Priority
Jeremy M. Guthrie
jeremy.guthrie at berbee.com
Fri May 26 00:58:59 CEST 2006
Not sure if this got missed, sorry for the repost.
Something is not quite right, facility/priority in Syslog-NG does not appear
to be lining up correctly. Here is what I tested with:
logger -p user.emerg `date` emerg
logger -p user.alert `date` alert
logger -p user.crit `date` crit
logger -p user.err `date` err
logger -p user.warning `date` warning
logger -p user.notice `date` notice
logger -p user.info `date` info
logger -p user.debug `date` debug
Here is what Modular Syslog recorded to the database:
TSyslog=# select facility,severity,host,message from tsyslog;
facility | severity | host | message
----------+----------+-------+----------------------------------------------
1 | 0 | plato | logger: Wed May 24 10:36:46 CDT 2006 emerg
1 | 1 | plato | logger: Wed May 24 10:36:46 CDT 2006 alert
1 | 2 | plato | logger: Wed May 24 10:36:46 CDT 2006 crit
1 | 3 | plato | logger: Wed May 24 10:36:46 CDT 2006 err
1 | 4 | plato | logger: Wed May 24 10:36:46 CDT 2006 warning
1 | 5 | plato | logger: Wed May 24 10:36:46 CDT 2006 notice
1 | 6 | plato | logger: Wed May 24 10:36:46 CDT 2006 info
1 | 7 | plato | logger: Wed May 24 10:36:46 CDT 2006 debug
Here is what Syslog-NG wrote to a flat file:
FACILITY: 1 SEVERITY: 1 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006
emerg
FACILITY: 1 SEVERITY: 2 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006
alert
FACILITY: 1 SEVERITY: 3 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006 crit
FACILITY: 1 SEVERITY: 4 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006 err
FACILITY: 1 SEVERITY: 5 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006
warning
FACILITY: 1 SEVERITY: 6 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006
notice
FACILITY: 1 SEVERITY: 0 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006 info
FACILITY: 1 SEVERITY: 1 MESSAGE: logger: Wed May 24 10:31:42 CDT 2006
debug
On Wednesday 24 May 2006 04:32, Balazs Scheidler wrote:
> On Tue, 2006-05-23 at 22:37 -0500, Jeremy M. Guthrie wrote:
> > I am in the process of trying to create a macro FAC / SEV to produce the
> > two numeric values I need for facility / priority. I've been looking
> > over the source code and I was going to model those macros off of M_LEVEL
> > macro. I am using 1.6.10 at the moment.
> >
> > When I check my changes.... my code doesn't seem to produce the desired
> > results. ;)
> >
> > Not sure if I am missing something relative to
> > static unsigned char lengthtable[] & static struct macro_def wordlist[]
> > ?
> >
> > Am I missing something obvious? It also appears I may have broken other
> > macros such as SEC, LEVEL, and a few others. Did I shift something
> > relative to the lengthtable that might have hosed the program? It's been
> > a while since I have coded much of anything in 'c'.
>
> Attached patch should do what you wanted, can you test it please, before
> I commit it?
>
> I've changed the macro names, to avoid introducing another term for
> severity.
>
> macros-gperf.c is autogenerated using gperf that's why you broke the
> hash lookup algorithm by adding elements at random locations in that
> array.
>
> Index: macros.c
> ===================================================================
> RCS file: /var/cvs/syslog-ng/syslog-ng/src/macros.c,v
> retrieving revision 1.4.4.8
> diff -u -r1.4.4.8 macros.c
> --- macros.c 14 Feb 2006 10:05:51 -0000 1.4.4.8
> +++ macros.c 24 May 2006 09:29:51 -0000
> @@ -171,6 +171,10 @@
> }
> break;
> }
> + case M_FACILITY_NUM: {
> + length = snprintf(*dest, *left, "%d", (msg->pri &
> LOG_FACMASK) >> 3); + break;
> + }
> case M_LEVEL: {
> /* level */
> char *n = syslog_lookup_value(msg->pri & LOG_PRIMASK,
> sl_levels); @@ -184,6 +188,10 @@
>
> break;
> }
> + case M_LEVEL_NUM: {
> + length = snprintf(*dest, *left, "%d", (msg->pri %
> LOG_PRIMASK)); + break;
> + }
> case M_TAG: {
> length = snprintf(*dest, *left, "%02x", msg->pri);
> break;
> Index: macros.gprf
> ===================================================================
> RCS file: /var/cvs/syslog-ng/syslog-ng/src/macros.gprf,v
> retrieving revision 1.1.4.2
> diff -u -r1.1.4.2 macros.gprf
> --- macros.gprf 13 Dec 2004 18:17:58 -0000 1.1.4.2
> +++ macros.gprf 24 May 2006 09:29:51 -0000
> @@ -4,8 +4,10 @@
> struct macro_def { char *name; int id; int len; };
> %%
> FACILITY, M_FACILITY
> +FACILITY_NUM, M_FACILITY_NUM
> PRIORITY, M_LEVEL
> LEVEL, M_LEVEL
> +LEVEL_NUM, M_LEVEL_NUM
> TAG, M_TAG
> PRI, M_PRI
> DATE, M_DATE
> Index: macros.h
> ===================================================================
> RCS file: /var/cvs/syslog-ng/syslog-ng/src/macros.h,v
> retrieving revision 1.2.4.2
> diff -u -r1.2.4.2 macros.h
> --- macros.h 6 May 2004 07:37:10 -0000 1.2.4.2
> +++ macros.h 24 May 2006 09:29:51 -0000
> @@ -25,10 +25,12 @@
> #ifndef __MACROS_H
> #define __MACROS_H
>
> -#define M_FACILITY 0
> -#define M_LEVEL 10
> -#define M_TAG 20
> -#define M_PRI 21
> +#define M_FACILITY 0
> +#define M_FACILITY_NUM 1
> +#define M_LEVEL 10
> +#define M_LEVEL_NUM 11
> +#define M_TAG 20
> +#define M_PRI 21
>
> #define M_DATE 30
> #define M_FULLDATE 40
--
--------------------------------------------------
Jeremy M. Guthrie jeremy.guthrie at berbee.com
Senior Network Engineer Phone: 608-298-1061
Berbee Fax: 608-288-3007
5520 Research Park Drive NOC: 608-298-1102
Madison, WI 53711
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20060525/d412d377/attachment.pgp
More information about the syslog-ng
mailing list