# Generic configuration items (to be used as interpolations) in other # filters or actions configurations # # Author: Yaroslav Halchenko # # $Revision$ # [INCLUDES] # Load customizations if any available after = common.local [DEFAULT] # Daemon definition is to be specialized (if needed) in .conf file _daemon = \S* # # Shortcuts for easier comprehension of the failregex # # PID. # EXAMPLES: [123] __pid_re = (?:\[\d+\]) # Daemon name (with optional source_file:line or whatever) # EXAMPLES: pam_rhosts_auth, [sshd], pop(pam_unix) __daemon_re = [\[\(]?%(_daemon)s(?:\(\S+\))?[\]\)]?:? # Combinations of daemon name and PID # EXAMPLES: sshd[31607], pop(pam_unix)[4920] __daemon_combs_re = (?:%(__pid_re)s?:\s+%(__daemon_re)s|%(__daemon_re)s%(__pid_re)s?:) # Some messages have a kernel prefix with a timestamp # EXAMPLES: kernel: [769570.846956] __kernel_prefix = kernel: \[\d+\.\d+\] __hostname = \S+ # # Common line prefixes (beginnings) which could be used in filters # # [bsdverbose]? [hostname] [vserver tag] daemon_id spaces # # bsdverbose is where syslogd is started with -v or -vv and results in <4.3> or # appearing before the host as per testcases/files/logs/bsd/*. # # This can be optional (for instance if we match named native log files) __prefix_line = \s*(<[^.]+.[^.]+>)?\s*(?:%(__hostname)s )?(?:%(__kernel_prefix)s )?(?:@vserver_\S+ )?%(__daemon_combs_re)s?\s*