[syslog-ng] pdbtool pattern debuging
ILLES, Marton
illes.marton at balabit.hu
Tue Dec 22 18:25:10 CET 2009
Hi!
I have just pushed to my syslog-ng 3.1 git repo some patches to add more
detailed debugging/troubleshooting capabilities to patterndb through
pdbtool match. Now you can easily see how your patterns matched a given
message, which part of the message was matched by literal part of the
pattern and which by a parser. All this new feature with a wonderful
colorized output if requested, though the colors are still bit ugly...
Up to now the easiest way of creating patterns was to do trial & error
sequence and try to figure out which part of the pattern was broken. Now
you can exactly see where the matching stopped. It is also possible to
output the match in parse-able format to be used in scripts or as a
backend of some pattern authoring tool.
I am still not sure about the colored output nor about the machine
parse-able output format, so any feedback, comment, idea or suggestion
is very much appreciated.
You can see some screen-shots of pdbtool match (with colors) in action
on my blog:
http://marci.blogs.balabit.com/2009/12/pdbtool-stylists-wanted.html
The code is available in my git repo:
http://git.balabit.hu/?p=marci/syslog-ng-3.1.git;a=commit;h=c7c3b7b8157750739e29f19b7887aba6ba5f460c
I did not update the man page so far, but --help works. You should be
using the "-D" to enable debuging and "-c" for color output, while "-C"
for csv style output.
Happy matching!
Marton
--
Key fingerprint = F78C 25CA 5F88 6FAF EA21 779D 3279 9F9E 1155 670D
More information about the syslog-ng
mailing list