Module: SyslogProtocol

Defined in:
lib/syslog_protocol_ms.rb,
lib/syslog_protocol_ms/common.rb,
lib/syslog_protocol_ms/logger.rb,
lib/syslog_protocol_ms/packet.rb,
lib/syslog_protocol_ms/parser.rb

Defined Under Namespace

Classes: Logger, Packet

Constant Summary collapse

VERSION =
'0.10.1'
FACILITIES =

These hashes stolen from Syslog.pm

{
  'kern'     => 0,
  'user'     => 1,
  'mail'     => 2,
  'daemon'   => 3,
  'auth'     => 4,
  'syslog'   => 5,
  'lpr'      => 6,
  'news'     => 7,
  'uucp'     => 8,
  'cron'     => 9,
  'authpriv' => 10,
  'ftp'      => 11,
  'ntp'      => 12,
  'audit'    => 13,
  'alert'    => 14,
  'at'       => 15,
  'local0'   => 16,
  'local1'   => 17,
  'local2'   => 18,
  'local3'   => 19,
  'local4'   => 20,
  'local5'   => 21,
  'local6'   => 22,
  'local7'   => 23
}
FACILITY_INDEX =
{
  0   => 'kern',
  1   => 'user',
  2   => 'mail',
  3   => 'daemon',
  4   => 'auth',
  5   => 'syslog',
  6   => 'lpr',
  7   => 'news',
  8   => 'uucp',
  9   => 'cron',
  10  => 'authpriv',
  11  => 'ftp',
  12  => 'ntp',
  13  => 'audit',
  14  => 'alert',
  15  => 'at',
  16  => 'local0',
  17  => 'local1',
  18  => 'local2',
  19  => 'local3',
  20  => 'local4',
  21  => 'local5',
  22  => 'local6',
  23  => 'local7'
}
SEVERITIES =
{
  'emerg'   => 0,
  'alert'   => 1,
  'crit'    => 2,
  'err'     => 3,
  'warn'    => 4,
  'notice'  => 5,
  'info'    => 6,
  'debug'   => 7
}
SEVERITY_INDEX =
{
  0  => 'emerg',
  1  => 'alert',
  2  => 'crit',
  3  => 'err',
  4  => 'warn',
  5  => 'notice',
  6  => 'info',
  7  => 'debug'
}

Class Method Summary collapse

Class Method Details

.parse(msg, origin = nil) ⇒ Object



5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# File 'lib/syslog_protocol_ms/parser.rb', line 5

def self.parse(msg, origin=nil)
  packet = Packet.new
  original_msg = msg.dup
  pri = parse_pri(msg)
  if pri and (pri = pri.to_i).is_a? Integer and (0..191).include?(pri)
    packet.pri = pri
  else
    # If there isn't a valid PRI, treat the entire message as content
    packet.pri = 13
    packet.time = Time.now
    packet.hostname = origin || 'unknown'
    packet.content = original_msg
    return packet
  end
  time = parse_time(msg)
  if time
    packet.time = Time.parse(time)
  else
    packet.time = Time.now
  end
  hostname = parse_hostname(msg)
  packet.hostname = hostname || origin
  if m = msg.match(/^(\w+)(: | )(.*)$/)
    packet.tag = m[1]
    packet.content = m[3]
  else
    packet.tag = 'unknown'
    packet.content = msg
  end
  packet
end