Subversion Repositories configs

Rev

Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
192 - 1
# Generic configuration items (to be used as interpolations) in other
2
# filters  or actions configurations
3
#
4
 
5
[INCLUDES]
6
 
7
# Load customizations if any available
8
after = common.local
9
 
10
 
11
[DEFAULT]
12
 
13
# Type of log-file resp. log-format (file, short, journal, rfc542):
14
logtype = file
15
 
16
# Daemon definition is to be specialized (if needed) in .conf file
17
_daemon = \S*
18
 
19
#
20
# Shortcuts for easier comprehension of the failregex
21
#
22
# PID.
23
# EXAMPLES: [123]
24
__pid_re = (?:\[\d+\])
25
 
26
# Daemon name (with optional source_file:line or whatever)
27
# EXAMPLES: pam_rhosts_auth, [sshd], pop(pam_unix)
28
__daemon_re = [\[\(]?%(_daemon)s(?:\(\S+\))?[\]\)]?:?
29
 
30
# extra daemon info
31
# EXAMPLE: [ID 800047 auth.info]
32
__daemon_extra_re = \[ID \d+ \S+\]
33
 
34
# Combinations of daemon name and PID
35
# EXAMPLES: sshd[31607], pop(pam_unix)[4920]
36
__daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:?)
37
 
38
# Some messages have a kernel prefix with a timestamp
39
# EXAMPLES: kernel: [769570.846956]
40
__kernel_prefix = kernel:\s?\[ *\d+\.\d+\]:?
41
 
42
__hostname = \S+
43
 
44
# A MD5 hex
45
# EXAMPLES: 07:06:27:55:b0:e3:0c:3c:5a:28:2d:7c:7e:4c:77:5f
46
__md5hex = (?:[\da-f]{2}:){15}[\da-f]{2}
47
 
48
# bsdverbose is where syslogd is started with -v or -vv and results in <4.3> or
49
# <auth.info> appearing before the host as per testcases/files/logs/bsd/*.
50
__bsd_syslog_verbose = <[^.]+\.[^.]+>
51
 
52
__vserver = @vserver_\S+
53
 
54
__date_ambit = (?:\[\])
55
 
56
# Common line prefixes (beginnings) which could be used in filters
57
#
58
#      [bsdverbose]? [hostname] [vserver tag] daemon_id spaces
59
#
60
# This can be optional (for instance if we match named native log files)
61
__prefix_line = <lt_<logtype>/__prefix_line>
62
 
63
# PAM authentication mechanism check for failures, e.g.: pam_unix, pam_sss,
64
# pam_ldap
65
__pam_auth = pam_unix
66
 
67
# standardly all formats using prefix have line-begin anchored date:
68
datepattern = <lt_<logtype>/datepattern>
69
 
70
[lt_file]
71
# Common line prefixes for logtype "file":
72
__prefix_line = %(__date_ambit)s?\s*(?:%(__bsd_syslog_verbose)s\s+)?(?:%(__hostname)s\s+)?(?:%(__kernel_prefix)s\s+)?(?:%(__vserver)s\s+)?(?:%(__daemon_combs_re)s\s+)?(?:%(__daemon_extra_re)s\s+)?
73
datepattern = {^LN-BEG}
74
 
75
[lt_short]
76
# Common (short) line prefix for logtype "journal" (corresponds output of formatJournalEntry):
77
__prefix_line = \s*(?:%(__hostname)s\s+)?(?:%(_daemon)s%(__pid_re)s?:?\s+)?(?:%(__kernel_prefix)s\s+)?
78
datepattern = %(lt_file/datepattern)s
79
[lt_journal]
80
__prefix_line = %(lt_short/__prefix_line)s
81
datepattern = %(lt_short/datepattern)s
82
 
83
[lt_rfc5424]
84
# RFC 5424 log-format, see gh-2309:
85
#__prefix_line = \s*<__hostname> <__daemon_re> \d+ \S+ \S+\s+
86
__prefix_line = \s*<__hostname> <__daemon_re> \d+ \S+ (?:[^\[\]\s]+|(?:\[(?:[^\]"]*|"[^"]*")*\])+)\s+
87
datepattern = ^<\d+>\d+\s+{DATE}
88
 
89
# Author: Yaroslav Halchenko, Sergey G. Brester (aka sebres)