Improve date parsing in rfc3164 messages

Change default from rfc5424 to rfc3164 Enable dynamic version information
2020-10-05 17:59:31 +02:00 · 2020-10-05 17:59:31 +02:00 · 75b9be0a31
parent 8ae2ec7573
commit 75b9be0a31
6 changed files with 27 additions and 13 deletions
--- a/bitbucket-pipelines.yml
+++ b/bitbucket-pipelines.yml
@ -17,7 +17,7 @@ pipelines:
            - gradle
          name: Build and Release
          script:
-            - ./gradlew clean build shadowJar startShadowScripts buildRpm buildDeb
+            - ./gradlew clean build shadowJar buildRpm buildDeb
            - shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/libs/*-all.jar ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done
            - shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/distributions/*.rpm ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done
            - shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/distributions/*.deb ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done
--- a/gradle.properties
+++ b/gradle.properties
@ -1,3 +1,3 @@
 id            = syslogd
 group         = biz.nellemann.syslogd
-version       = 1.0.1
+version       = 1.0.2
--- a/src/main/java/biz/nellemann/syslogd/SyslogParser.java
+++ b/src/main/java/biz/nellemann/syslogd/SyslogParser.java
@ -37,7 +37,7 @@ public class SyslogParser {

    public static SyslogMessage parseRfc3164(final String input) throws NumberFormatException {

-        Pattern pattern = Pattern.compile("^<(\\d{1,3})>(\\D{3} \\d{2} \\d{2}:\\d{2}:\\d{2})\\s+(?:Message forwarded from )?([^\\s:]+):?\\s+(\\S+): (.*)", Pattern.CASE_INSENSITIVE);
+        Pattern pattern = Pattern.compile("^<(\\d{1,3})>(\\D{3}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2})\\s+(?:Message forwarded from )?([^\\s:]+):?\\s+(\\S+): (.*)", Pattern.CASE_INSENSITIVE);
        Matcher matcher = pattern.matcher(input);
        boolean matchFound = matcher.find();
        if(!matchFound) {
@ -62,7 +62,7 @@ public class SyslogParser {
        log.debug("facility: " + facility);
        log.debug("severity: " + severity);

-        SyslogMessage syslogMessage = new SyslogMessage(message);
+        SyslogMessage syslogMessage = new SyslogMessage(message.trim());
        syslogMessage.facility = Facility.getByNumber(facility);
        syslogMessage.severity = Severity.getByNumber(severity);
        syslogMessage.timestamp = parseRfc3164Timestamp(date);
@ -108,7 +108,7 @@ public class SyslogParser {
        log.debug("facility: " + facility);
        log.debug("severity: " + severity);

-        SyslogMessage syslogMessage = new SyslogMessage(msg);
+        SyslogMessage syslogMessage = new SyslogMessage(msg.trim());
        syslogMessage.facility = Facility.getByNumber(facility);
        syslogMessage.severity = Severity.getByNumber(severity);
        syslogMessage.version = Integer.parseInt(ver);
@ -134,7 +134,7 @@ public class SyslogParser {
        // Date: Mmm dd hh:mm:ss
        Instant instant = null;
        try {
-            DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern("yyyy MMM dd HH:mm:ss").withZone(ZoneOffset.UTC);
+            DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern("yyyy MMM [ ]d HH:mm:ss").withZone(ZoneOffset.UTC);
            instant = Instant.from(dateTimeFormatter.parse(odt.getYear() + " " + dateString));
        } catch(DateTimeParseException e) {
            log.error("parseDate()", e);
--- a/src/main/java/biz/nellemann/syslogd/SyslogServer.java
+++ b/src/main/java/biz/nellemann/syslogd/SyslogServer.java
@ -41,10 +41,10 @@ public class SyslogServer implements Callable<Integer>, LogListener {
    @CommandLine.Option(names = "--no-tcp", negatable = true, description = "Listen on TCP [default: true]")
    boolean tcpServer = true;

-    @CommandLine.Option(names = "--rfc3164", negatable = false, description = "Parse RFC3164 messages [default: RFC5424]")
-    boolean rfc3164 = false;
+    @CommandLine.Option(names = "--rfc5424", negatable = false, description = "Parse RFC5424 messages [default: RFC3164]")
+    boolean rfc5424 = false;

-    @CommandLine.Option(names = "--no-ansi", negatable = true, description = "ANSI in output [default: true]")
+    @CommandLine.Option(names = "--no-ansi", negatable = true, description = "Output ANSI colors [default: true]")
    boolean ansiOutput = true;

    @CommandLine.Option(names = {"-f", "--file"}, description = "Write output to file [default: STDOUT]")
@ -96,10 +96,10 @@ public class SyslogServer implements Callable<Integer>, LogListener {
        String message = event.getMessage();
        SyslogMessage msg = null;
        try {
-            if(rfc3164) {
-                msg = SyslogParser.parseRfc3164(message);
-            } else {
+            if(rfc5424) {
                msg = SyslogParser.parseRfc5424(message);
+            } else {
+                msg = SyslogParser.parseRfc3164(message);
            }
        } catch(Exception e) {
            log.error("Problem parsing message: ", e);
--- a/src/main/java/biz/nellemann/syslogd/VersionProvider.java
+++ b/src/main/java/biz/nellemann/syslogd/VersionProvider.java
@ -12,7 +12,7 @@ class VersionProvider implements CommandLine.IVersionProvider {

        URL url = getClass().getResource("/version.properties");
        if (url == null) {
-            return new String[] { "No version.txt file found in the classpath." };
+            return new String[] { "No version information available." };
        }
        Properties properties = new Properties();
        properties.load(url.openStream());
--- a/src/test/groovy/biz/nellemann/syslogd/SyslogParserTest.groovy
+++ b/src/test/groovy/biz/nellemann/syslogd/SyslogParserTest.groovy
@ -36,6 +36,7 @@ class SyslogParserTest extends Specification {

        setup:
        def input = "<13>Sep 23 08:53:28 xps13 mark: adfdfdf3432434"
+        //def input = "<13>Sep  3 08:53:28 xps13 mark: adfdfdf3432434"

        when:
        SyslogMessage msg = SyslogParser.parseRfc3164(input)
@ -46,6 +47,18 @@ class SyslogParserTest extends Specification {
        msg.application == "mark"
    }

+    void "test rsyslogd sudo message"() {
+        setup:
+        String input = "<85>Oct  5 17:13:41 xps13 sudo:     mark : TTY=pts/1 ; PWD=/etc/rsyslog.d ; USER=root ; COMMAND=/usr/sbin/service rsyslog restart"
+
+        when:
+        SyslogMessage msg = SyslogParser.parseRfc3164(input)
+
+        then:
+        msg.application == "sudo"
+        msg.message == "mark : TTY=pts/1 ; PWD=/etc/rsyslog.d ; USER=root ; COMMAND=/usr/sbin/service rsyslog restart"
+    }
+
    void "test parseRfc3164Timestamp"() {

        setup:
@ -73,3 +86,4 @@ class SyslogParserTest extends Specification {
    }

 }
+