added build-in templates

4 files changed, 35 insertions, 14 deletions

diff --git a/ChangeLog b/ChangeLog
index 6214165d..9c9f4fb0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -20,6 +20,7 @@ Version 3.12.5 (rgerhards), 2008-03-??
   syslog messages
 - added new $ActionForwardDefaultTemplate directive
 - added new $ActionGSSForwardDefaultTemplate directive
+- added build-in templates for easier configuration
 ---------------------------------------------------------------------------
 Version 3.12.4 (rgerhards), 2008-03-25
 - Greatly enhanced rsyslogd's file write performance by disabling
diff --git a/doc/rsyslog_conf.html b/doc/rsyslog_conf.html
index 80c87233..5931a241 100644
--- a/doc/rsyslog_conf.html
+++ b/doc/rsyslog_conf.html
@@ -293,7 +293,7 @@ $template TraditionalFormat,%timegenerated% %HOSTNAME%
 <br>
 Properties can be accessed by the <a href="property_replacer.html">property
 replacer</a> (see there for details).</p>
-<p><b>Please note that as of 1.15.0, templates can also by
+<p><b>Please note that templates can also by
 used to generate selector lines with dynamic file names.</b> For
 example, if you would like to split syslog messages from different
 hosts to different files (one per host), you can define the following
@@ -302,7 +302,26 @@ template:</p>
 DynFile,"/var/log/system-%HOSTNAME%.log"</code></blockquote>
 <p>This template can then be used when defining an output
 selector line. It will result in something like
-"/var/log/system-localhost.log"</p>
+"/var/log/system-localhost.log"</p><p>Template
+names beginning with "RSYSLOG_" are reserved for rsyslog use. Do NOT
+use them if, otherwise you may receive a conflict in the future (and
+quite unpredictable behaviour). There is a small set of pre-defined
+templates that you can use without the need to define it:</p><ul><li><span style="font-weight: bold;">RSYSLOG_TraditionalFileFormat</span> - the "old style" default log file format with low-precision timestamps</li><li><span style="font-weight: bold;">RSYSLOG_FileFormat</span> - a modern-style logfile format similar to TraditionalFileFormat, buth with high-precision timestamps and timezone information</li><li><span style="font-weight: bold;">RSYSLOG_TraditionalForwardFormat</span>
+- the traditional forwarding format with low-precision timestamps. Most
+useful if you send&nbsp;messages to other syslogd's or rsyslogd below
+version 3.12.5.</li><li><span style="font-weight: bold;">RSYSLOG_ForwardFormat</span>
+- a new high-precision forwarding format very similar to the
+traditional one, but with high-precision timestamps and timezone
+information. Recommended to be used when sending messages to rsyslog
+3.12.5 or above.</li><li><span style="font-weight: bold;">RSYSLOG_SyslogProtocol23Format</span>
+- the format specified in IETF's internet-draft
+ietf-syslog-protocol-23, which is assumed to be come the new syslog
+standard RFC. This format includes several improvements. The rsyslog
+message parser understands this format, so you can use it together with
+all relatively recent versions of rsyslog. Other syslogd's may get
+hopelessly confused if receiving that format, so check before you use
+it. Note that the format is unlikely to change when the final RFC comes
+out, but this may happen.</li></ul>
 <h2>Output Channels</h2>
 <p>Output Channels are a new concept first introduced in rsyslog
 0.9.0. <b>As of this writing, it is most likely that they will
diff --git a/doc/v3compatibility.html b/doc/v3compatibility.html
index 74319c38..033426cd 100644
--- a/doc/v3compatibility.html
+++ b/doc/v3compatibility.html
@@ -170,16 +170,17 @@ However, that would have broken almost all receivers, including earlier
 versions of rsyslog. To avoid this hassle, high-precision timestamps
 need to be explicitely enabled. To make this as painless as possible,
 rsyslog comes with a canned template that contains everything
-necessary. &nbsp;To enable high-precision timestamps, just use:</p><p style="font-weight: bold;"><code>$ActionForwardDefaultTemplate RSYSLOG_ForwardFileFormat # for plain TCP and UDP</code></p><p style="font-weight: bold;"><code>$ActionGSSForwardDefaultTemplate RSYSLOG_ForwardFileFormat # for GSS-API</code></p><p>And, of course, you can always set different forwarding formats by just specifying the right template.</p><p>If
+necessary. &nbsp;To enable high-precision timestamps, just use:</p><p style="font-weight: bold;"><code>$ActionForwardDefaultTemplate RSYSLOG_ForwardFormat # for plain TCP and UDP</code></p><p style="font-weight: bold;"><code>$ActionGSSForwardDefaultTemplate RSYSLOG_ForwardFormat # for GSS-API</code></p><p>And, of course, you can always set different forwarding formats by just specifying the right template.</p><p>If
 you are running in a system with only rsyslog 3.12.5 and above in the
 receiver roles, it is suggested to add one (or both) of the above
-statements to the top of your rsyslog.conf - that will enable you to
-use the best in timestamp support availble. Please note that when you
-use this format with other receivers, they will probably become pretty
-confused and not detect the timestamp at all. In earlier rsyslog
-versions, for example, that leads to duplication of timestamp and
-hostname fields and disables the detection of the orignal hostname in a
-relayed/NATed environment. So use the new format with care. </p><h2>Queue Modes for the Main Message Queue</h2>
+statements to the top of your rsyslog.conf (but after the $ModLoad's!)
+- that will enable you to use the best in timestamp support availble.
+Please note that when you use this format with other receivers, they
+will probably become pretty confused and not detect the timestamp at
+all. In earlier rsyslog versions, for example, that leads to
+duplication of timestamp and hostname fields and disables the detection
+of the orignal hostname in a relayed/NATed environment. So use the new
+format with care. </p><h2>Queue Modes for the Main Message Queue</h2>
 <p>Either "FixedArray" or "LinkedList" is recommended. "Direct"
 is available, but should not be used except for a very good reason
 ("Direct" disables queueing and will potentially lead to message loss
diff --git a/syslogd.c b/syslogd.c
index 6178a4e4..20f9882e 100644
--- a/syslogd.c
+++ b/syslogd.c
@@ -417,6 +417,7 @@ int option_DisallowWarning = 1;	/* complain if message from disallowed sender is
 
 
 /* hardcoded standard templates (used for defaults) */
+static uchar template_SyslogProtocol23Format[] = "\"<%PRI%>1 %TIMESTAMP:::date-rfc3339% %HOSTNAME% %APP-NAME% %PROCID% %MSGID% %STRUCTURED-DATA% %msg%\n\"";
 static uchar template_TraditionalFileFormat[] = "\"%TIMESTAMP% %HOSTNAME% %syslogtag%%msg:::drop-last-lf%\n\"";
 static uchar template_FileFormat[] = "\"%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag%%msg:::drop-last-lf%\n\"";
 static uchar template_WallFmt[] = "\"\r\n\7Message from syslogd@%HOSTNAME% at %timegenerated% ...\r\n %syslogtag%%msg%\n\r\"";
@@ -2812,10 +2813,9 @@ static void mainThread()
 	 * is that we need to interrupt the select() system call. -- rgerhards, 2007-10-17
 	 */
 
-	/* initialize the default templates
-	 * we use template names with a SP in front - these 
-	 * can NOT be generated via the configuration file
-	 */
+	/* initialize the build-in templates */
+	pTmp = template_SyslogProtocol23Format;
+	tplAddLine("RSYSLOG_SyslogProtocol23Format", &pTmp);
 	pTmp = template_FileFormat; /* new format for files with high-precision stamp */
 	tplAddLine("RSYSLOG_FileFormat", &pTmp);
 	pTmp = template_TraditionalFileFormat;