Diffstat (limited to 'src/formats/esx_syslog_log.json')
-rw-r--r--src/formats/esx_syslog_log.json66
1 files changed, 66 insertions, 0 deletions
diff --git a/src/formats/esx_syslog_log.json b/src/formats/esx_syslog_log.json
new file mode 100644
index 0000000..85fa881
--- /dev/null
+++ b/src/formats/esx_syslog_log.json
@@ -0,0 +1,66 @@
+{
+ "$schema": "https://lnav.org/schemas/format-v1.schema.json",
+ "esx_syslog_log": {
+ "title": "ESXi Syslog",
+ "description": "Format specific to the ESXi syslog",
+ "regex": {
+ "std": {
+ "pattern": "^(?<timestamp>(?:\\S{3,8}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2}|\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?Z))\\s+(?<level>\\w+)\\((?<syslog_pri>\\d+)\\)(?:\\[\\+\\]|\\+)?(?:(?: (?<log_syslog_tag>(?<log_procname>(?:[^\\[:]+|[^:]+))(?:\\[(?<log_pid>\\d+)\\])?):\\s*(?<body>.*))$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"
+ },
+ "host": {
+ "pattern": "^(?<timestamp>(?:\\S{3,8}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2}|\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?Z))\\s+(?<level>\\w+)\\((?<syslog_pri>\\d+)\\)(?:\\[\\+\\]|\\+)?(?:(?: (?<log_syslog_tag>(?:host-(?<log_pid>\\d+))?)\\s+(?<body>.*))$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"
+ },
+ "notime": {
+ "pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2})\\s+(?<level>\\w+)\\((?<syslog_pri>\\d+)\\)\\s+(?<log_procname>[^\\[]+)\\[(?<log_pid>\\d+)\\]:\\s(?<new_time>\\d{2}:\\d{2}:\\d{2}\\.\\d+)\\s+(?<body>.*)"
+ }
+ },
+ "level": {
+ "debug": "^Db$",
+ "info": "^In$",
+ "notice": "^No$",
+ "warning": "^Wa$",
+ "error": "^Er$",
+ "critical": "^Cr$",
+ "fatal": "^(?:Al|Em)$"
+ },
+ "opid-field": "log_syslog_tag",
+ "time-field": "new_time",
+ "multiline": false,
+ "value": {
+ "body": {
+ "kind": "string"
+ },
+ "log_pid": {
+ "kind": "string",
+ "identifier": true
+ },
+ "log_procname": {
+ "kind": "string",
+ "identifier": true
+ },
+ "log_syslog_tag": {
+ "kind": "string"
+ },
+ "syslog_pri": {
+ "kind": "string"
+ },
+ "timestamp": {
+ "kind": "string"
+ }
+ },
+ "sample": [
+ {
+ "line": "2022-06-02T05:34:56.746Z In(14) ConfigStore[1001430703]: Log for ConfigStore version=1.0 build=build-19833347 option=BETA"
+ },
+ {
+ "line": "2022-06-02T05:34:23Z In(14)[+] hostprofile[1001430319]: {'mode': 'Disabled', 'exceptionUsers': []}"
+ },
+ {
+ "line": "2022-06-02 In(14) hostprofile[1001430319]: 05:34:23.666 {'mode': 'Disabled', 'exceptionUsers': []}"
+ },
+ {
+ "line": "2022-06-01T13:42:40.681Z In(05) host-16250 <analytics> Skip service health check. State STOPPED, Curr request 0"
+ }
+ ]
+ }
+}
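Review bot: The `notime` pattern never captures `log_syslog_tag`, although `"opid-field"` names that group, so date-only lines (the third sample) carry no opid value while `std` and `host` lines do. Wrapping the process part keeps the three patterns consistent: `(?<log_syslog_tag>(?<log_procname>[^\\[]+)\\[(?<log_pid>\\d+)\\])`. `notime` also omits the optional `(?:\\[\\+\\]|\\+)?` marker that the other two patterns accept after the priority. If ESXi can emit that marker on date-only lines, those lines would match none of the three patterns and would be missing from any timeline built from this log during an investigation. The `last message repeated` alternative in `std` and `host` is not exercised by any entry in `sample`, so a sample line for it would be worth adding.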