Commit 6b5912cc authored by Alan W Szlosek Jr's avatar Alan W Szlosek Jr

syslog parser can now handle proper syslog format (with PRIs) and messages...

syslog parser can now handle proper syslog format (with PRIs) and messages without PRI, like found in /var/log files
parent b5a4a218
......@@ -19,34 +19,7 @@ function parsePRI(raw) {
return [facility, severity]
}
function parser(msg) {
// https://tools.ietf.org/html/rfc5424
// e.g. <PRI>time hostname tag: info
msg = msg + ''
var tagIndex = msg.indexOf(': ')
var format = msg.substr(0, tagIndex)
var priIndex = format.indexOf('>')
var pri = format.substr(1, priIndex - 1)
pri = parsePRI(pri)
var lastSpaceIndex = format.lastIndexOf(' ')
var tag = format.substr(lastSpaceIndex + 1)
var last2SpaceIndex = format.lastIndexOf(' ', lastSpaceIndex - 1) // hostname cannot contain ' '
var hostname = format.substring(last2SpaceIndex + 1, lastSpaceIndex)
// time is complex because don't know if it has year
var time = format.substring(priIndex + 1, last2SpaceIndex)
time = new Date(time)
time.setYear(new Date().getFullYear()) // fix year to now
return {
facility: pri[0]
, severity: pri[1]
, tag: tag
, time: time
, hostname: hostname
, msg: msg.substr(tagIndex + 2)
}
}
function parse(msg) {
function parseRaw(msg) {
// facility and severity are packed into the same byte
var priIndex = msg.indexOf('>', 1);
//var pri = parseInt(msg.substr(1, endPri));
......@@ -71,16 +44,44 @@ function parse(msg) {
tag: tag,
time: time,
hostname: hostname,
msg: msg.substr(tagIndex + 2)
message: msg.substr(tagIndex + 2)
};
};
module.exports = parse;
/*
function parseLogFileLine(msg, facility, severity) {
var tagIndex = msg.indexOf(': ');
var lastSpaceIndex = msg.lastIndexOf(' ', tagIndex);
var tag = msg.substring(lastSpaceIndex + 1, tagIndex);
var lastSpaceIndex2 = msg.lastIndexOf(' ', lastSpaceIndex - 1);
var hostname = msg.substring(lastSpaceIndex2 + 1, lastSpaceIndex);
var time = new Date(msg.substring(0, lastSpaceIndex2));
// Syslog messages don't include the year, so set to current year
time.setYear(new Date().getFullYear());
var out = {
facility: facility,
severity: severity,
tag: tag,
time: time,
hostname: hostname,
message: msg.substr(tagIndex + 2)
};
// Extract process name and PID
// Should support this, right? something/else[PID]
var pidIndex = tag.indexOf('[');
var pid;
if (pidIndex != -1) {
pid = tag.substring(pidIndex + 1, tag.length - 1);
out['pid'] = pid;
}
return out;
};
module.exports = {
severity: Severity,
parse: parse
parseRaw: parseRaw,
parse: parseLogFileLine
};
*/
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment