[syslog-ng] kernel logging feature requests

Balazs Scheidler bazsi at balabit.hu
Wed Sep 21 11:56:52 CEST 2011


On Fri, 2011-09-16 at 21:16 -0600, Patrick H. wrote:
> While setting up a new server at home I've come across 2 feature
> requests that would be fairly nice to have (and not that hard to
> implement I would think).
> 
> 1) When the 'kernel' flag is set on a file() source (like for
> reading /proc/kmsg), look for the printk time (e.g. "[ 1234.567890]")
> and calculate when the message would have occurred instead of just
> using when the line was read off the file. Basically check to see the
> number of seconds the system has been up, subtract the printk time,
> and then subtract that from current time.

This would be useful, I agree.

> 
> 2) I grab all kernel messages with priority of crit or higher and send
> it to the usertty() destination, but this destination doesn't support
> templates. It'd be nice to be able to define the template. I mostly
> just want to change the time format and remove the hostname (since
> these will only come from localhost on my setup).

Also, seems quite useful. usertty() was created before templates were
used for anything but filenames.

I'm right in the middle of pulling the PE related changes into the OSE
tree finally, so I'm not sure when I can work on these. 

The option needs to be added to the grammar (afuser-grammar.ym), then
the compiled template stored in the AFUserDestDriver.

Then where the current sprintf() code formats the message in
afuser_dd_queue(), the template expansion code should be called
(log_template_format()), and write that to the terminal.

The best would be if the current format would be the default value of
the template() option, so that no branches would be needed in
afuser_dd_queue() for the templatized case.

Anyone volunteering?


-- 
Bazsi
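
The timestamp arithmetic from feature request 1, as an added example that is not part of the original message and is not syslog-ng code. The function names are hypothetical, and the current time and uptime are passed in as parameters on the assumption that the caller obtains them (for instance from time() and /proc/uptime).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>

/* Parse an optional "<N>" priority and a "[ 1234.567890]" printk stamp.
 * Returns 1 and stores seconds since boot in *since_boot,
 * or 0 if the stamp is absent or malformed. (Hypothetical helper.) */
static int parse_printk_time(const char *line, double *since_boot)
{
    const char *p = line;
    char *end;

    if (*p == '<') {                      /* skip "<N>" priority prefix */
        const char *gt = strchr(p, '>');
        if (!gt) return 0;
        p = gt + 1;
    }
    if (*p != '[') return 0;
    p++;
    while (*p == ' ') p++;                /* the stamp is space-padded */
    if (!isdigit((unsigned char)*p)) return 0;
    double v = strtod(p, &end);
    if (end == p || *end != ']') return 0;
    *since_boot = v;
    return 1;
}

/* event time = now - (uptime - printk_time), as the request describes.
 * Falls back to the read time when there is no usable stamp or when the
 * stamp is later than the uptime, which would date the event in the future. */
double kmsg_event_time(const char *line, double now, double uptime)
{
    double t;
    if (!parse_printk_time(line, &t) || t > uptime)
        return now;
    return now - (uptime - t);
}

int main(void)
{
    /* Constructed sample: line read at epoch 1316598000 on a host up 2000 s. */
    const char *line = "<4>[ 1234.567890] example: constructed kernel message";
    printf("%.6f\n", kmsg_event_time(line, 1316598000.0, 2000.0));
    return 0;
}
```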



