nellemann/syslogd
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases 3 Wiki Activity

Improve date parsing in rfc3164 messages

Browse source 
Change default from rfc5424 to rfc3164
Enable dynamic version information
This commit is contained in:
Mark Nellemann 2020-10-05 17:59:31 +02:00
parent 8ae2ec7573
commit 75b9be0a31
6 changed files with 27 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
bitbucket-pipelines.yml
View file

@ -17,7 +17,7 @@ pipelines:
- gradle - gradle
name: Build and Release name: Build and Release
script: script:
- ./gradlew clean build shadowJar startShadowScripts buildRpm buildDeb - ./gradlew clean build shadowJar buildRpm buildDeb
- shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/libs/*-all.jar ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done - shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/libs/*-all.jar ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done
- shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/distributions/*.rpm ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done - shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/distributions/*.rpm ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done
- shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/distributions/*.deb ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done - shopt -s nullglob ; for file in ${BITBUCKET_CLONE_DIR}/build/distributions/*.deb ; do curl -X POST --user "${BB_AUTH_STRING}" "https://api.bitbucket.org/2.0/repositories/${BITBUCKET_REPO_OWNER}/${BITBUCKET_REPO_SLUG}/downloads" --form files=@"${file}" ; done

2
gradle.properties
View file

@ -1,3 +1,3 @@
id = syslogd id = syslogd
group = biz.nellemann.syslogd group = biz.nellemann.syslogd
version = 1.0.1 version = 1.0.2

8
src/main/java/biz/nellemann/syslogd/SyslogParser.java
View file

@ -37,7 +37,7 @@ public class SyslogParser {
public static SyslogMessage parseRfc3164(final String input) throws NumberFormatException { public static SyslogMessage parseRfc3164(final String input) throws NumberFormatException {
Pattern pattern = Pattern.compile("^<(\\d{1,3})>(\\D{3} \\d{2} \\d{2}:\\d{2}:\\d{2})\\s+(?:Message forwarded from )?([^\\s:]+):?\\s+(\\S+): (.*)", Pattern.CASE_INSENSITIVE); Pattern pattern = Pattern.compile("^<(\\d{1,3})>(\\D{3}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2})\\s+(?:Message forwarded from )?([^\\s:]+):?\\s+(\\S+): (.*)", Pattern.CASE_INSENSITIVE);
Matcher matcher = pattern.matcher(input); Matcher matcher = pattern.matcher(input);
boolean matchFound = matcher.find(); boolean matchFound = matcher.find();
if(!matchFound) { if(!matchFound) {
@ -62,7 +62,7 @@ public class SyslogParser {
log.debug("facility: " + facility); log.debug("facility: " + facility);
log.debug("severity: " + severity); log.debug("severity: " + severity);
SyslogMessage syslogMessage = new SyslogMessage(message); SyslogMessage syslogMessage = new SyslogMessage(message.trim());
syslogMessage.facility = Facility.getByNumber(facility); syslogMessage.facility = Facility.getByNumber(facility);
syslogMessage.severity = Severity.getByNumber(severity); syslogMessage.severity = Severity.getByNumber(severity);
syslogMessage.timestamp = parseRfc3164Timestamp(date); syslogMessage.timestamp = parseRfc3164Timestamp(date);
@ -108,7 +108,7 @@ public class SyslogParser {
log.debug("facility: " + facility); log.debug("facility: " + facility);
log.debug("severity: " + severity); log.debug("severity: " + severity);
SyslogMessage syslogMessage = new SyslogMessage(msg); SyslogMessage syslogMessage = new SyslogMessage(msg.trim());
syslogMessage.facility = Facility.getByNumber(facility); syslogMessage.facility = Facility.getByNumber(facility);
syslogMessage.severity = Severity.getByNumber(severity); syslogMessage.severity = Severity.getByNumber(severity);
syslogMessage.version = Integer.parseInt(ver); syslogMessage.version = Integer.parseInt(ver);
@ -134,7 +134,7 @@ public class SyslogParser {
// Date: Mmm dd hh:mm:ss // Date: Mmm dd hh:mm:ss
Instant instant = null; Instant instant = null;
try { try {
DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern("yyyy MMM dd HH:mm:ss").withZone(ZoneOffset.UTC); DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ofPattern("yyyy MMM [ ]d HH:mm:ss").withZone(ZoneOffset.UTC);
instant = Instant.from(dateTimeFormatter.parse(odt.getYear() + " " + dateString)); instant = Instant.from(dateTimeFormatter.parse(odt.getYear() + " " + dateString));
} catch(DateTimeParseException e) { } catch(DateTimeParseException e) {
log.error("parseDate()", e); log.error("parseDate()", e);

12
src/main/java/biz/nellemann/syslogd/SyslogServer.java
View file

@ -41,10 +41,10 @@ public class SyslogServer implements Callable<Integer>, LogListener {
@CommandLine.Option(names = "--no-tcp", negatable = true, description = "Listen on TCP [default: true]") @CommandLine.Option(names = "--no-tcp", negatable = true, description = "Listen on TCP [default: true]")
boolean tcpServer = true; boolean tcpServer = true;
@CommandLine.Option(names = "--rfc3164", negatable = false, description = "Parse RFC3164 messages [default: RFC5424]") @CommandLine.Option(names = "--rfc5424", negatable = false, description = "Parse RFC5424 messages [default: RFC3164]")
boolean rfc3164 = false; boolean rfc5424 = false;
@CommandLine.Option(names = "--no-ansi", negatable = true, description = "ANSI in output [default: true]") @CommandLine.Option(names = "--no-ansi", negatable = true, description = "Output ANSI colors [default: true]")
boolean ansiOutput = true; boolean ansiOutput = true;
@CommandLine.Option(names = {"-f", "--file"}, description = "Write output to file [default: STDOUT]") @CommandLine.Option(names = {"-f", "--file"}, description = "Write output to file [default: STDOUT]")
@ -96,10 +96,10 @@ public class SyslogServer implements Callable<Integer>, LogListener {
String message = event.getMessage(); String message = event.getMessage();
SyslogMessage msg = null; SyslogMessage msg = null;
try { try {
if(rfc3164) { if(rfc5424) {
msg = SyslogParser.parseRfc3164(message);
} else {
msg = SyslogParser.parseRfc5424(message); msg = SyslogParser.parseRfc5424(message);
} else {
msg = SyslogParser.parseRfc3164(message);
} }
} catch(Exception e) { } catch(Exception e) {
log.error("Problem parsing message: ", e); log.error("Problem parsing message: ", e);

2
src/main/java/biz/nellemann/syslogd/VersionProvider.java
View file

@ -12,7 +12,7 @@ class VersionProvider implements CommandLine.IVersionProvider {
URL url = getClass().getResource("/version.properties"); URL url = getClass().getResource("/version.properties");
if (url == null) { if (url == null) {
return new String[] { "No version.txt file found in the classpath." }; return new String[] { "No version information available." };
} }
Properties properties = new Properties(); Properties properties = new Properties();
properties.load(url.openStream()); properties.load(url.openStream());

14
src/test/groovy/biz/nellemann/syslogd/SyslogParserTest.groovy
View file

@ -36,6 +36,7 @@ class SyslogParserTest extends Specification {
setup: setup:
def input = "<13>Sep 23 08:53:28 xps13 mark: adfdfdf3432434" def input = "<13>Sep 23 08:53:28 xps13 mark: adfdfdf3432434"
//def input = "<13>Sep 3 08:53:28 xps13 mark: adfdfdf3432434"
when: when:
SyslogMessage msg = SyslogParser.parseRfc3164(input) SyslogMessage msg = SyslogParser.parseRfc3164(input)
@ -46,6 +47,18 @@ class SyslogParserTest extends Specification {
msg.application == "mark" msg.application == "mark"
} }
void "test rsyslogd sudo message"() {
setup:
String input = "<85>Oct 5 17:13:41 xps13 sudo: mark : TTY=pts/1 ; PWD=/etc/rsyslog.d ; USER=root ; COMMAND=/usr/sbin/service rsyslog restart"
when:
SyslogMessage msg = SyslogParser.parseRfc3164(input)
then:
msg.application == "sudo"
msg.message == "mark : TTY=pts/1 ; PWD=/etc/rsyslog.d ; USER=root ; COMMAND=/usr/sbin/service rsyslog restart"
}
void "test parseRfc3164Timestamp"() { void "test parseRfc3164Timestamp"() {
setup: setup:
@ -73,3 +86,4 @@ class SyslogParserTest extends Specification {
} }
} }