diff options
author | Tomas Bzatek <tbzatek@redhat.com> | 2014-05-22 17:35:01 +0200 |
---|---|---|
committer | Tomas Bzatek <tbzatek@redhat.com> | 2014-05-26 16:46:30 +0200 |
commit | 58dcc99707d1a3cb76fa4ec311af10d65d9cdede (patch) | |
tree | 6b3f8f2f103367a0deecda183440cb2b1044ca21 | |
parent | ea20e9bcdbc943e088006992bd10b8c0b585cd9d (diff) | |
download | openlmi-providers-58dcc99707d1a3cb76fa4ec311af10d65d9cdede.tar.gz openlmi-providers-58dcc99707d1a3cb76fa4ec311af10d65d9cdede.tar.xz openlmi-providers-58dcc99707d1a3cb76fa4ec311af10d65d9cdede.zip |
journald: Expose UID, GID, PID and syslog facility/severity fields
This is useful e.g. for indication filtering.
-rw-r--r-- | mof/60_LMI_Journald.mof | 47 | ||||
-rw-r--r-- | src/journald/instutil.c | 115 |
2 files changed, 128 insertions, 34 deletions
diff --git a/mof/60_LMI_Journald.mof b/mof/60_LMI_Journald.mof index 938b3d2..7caddca 100644 --- a/mof/60_LMI_Journald.mof +++ b/mof/60_LMI_Journald.mof @@ -197,7 +197,7 @@ class LMI_JournalMessageLog: CIM_MessageLog string IterationIdentifier); }; -[ Version("0.4.1"), Provider("cmpi:cmpiLMI_Journald") ] +[ Version("0.4.3"), Provider("cmpi:cmpiLMI_Journald") ] class LMI_JournalLogRecord: CIM_LogRecord { [ Implemented(true), Override("LogCreationClassName"), Key ] @@ -224,6 +224,51 @@ class LMI_JournalLogRecord: CIM_LogRecord [ Implemented(true), Override("PerceivedSeverity") ] uint16 PerceivedSeverity; + + [ Implemented(true), Description ( + "Denotes numerical effective user ID of the process that sent the " + "message. This ID is system specific and usually maps to a local " + "POSIX account." ) ] + uint64 UserID; + + [ Implemented(true), Description ( + "Denotes numerical effective group ID of the process that sent the " + "message. This ID is system specific and usually maps to a local " + "POSIX account." ) ] + uint64 GroupID; + + [ Implemented(true), Description ( + "Denotes numerical ID of the process that sent the message." ) ] + uint64 ProcessID; + + [ Implemented(true), Description ( + "A syslog facility level specifying what type of program is logging " + "the message. Values are defined by RFC 3164." ), + ValueMap { "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "10", "11", + "12", "13", "14", "15", "16", "17", "18", "19", "20", "21", + "22", "23" }, + Values { "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", + "news", "uucp", "clock", "authpriv", "ftp", "ntp", "audit", + "alert", "cron", "local0", "local1", "local2", "local3", + "local4", "local5", "local6", "local7" } ] + uint16 SyslogFacility; + + [ Implemented(true), Description ( + "A syslog severity level of the message, defined by RFC 5424." ), + ValueMap { "0", "1", "2", "3", "4", "5", "6", "7" }, + Values { "Emergency", "Alert", "Critical", "Error", "Warning", "Notice", + "Informational", "Debug" } ] + uint16 SyslogSeverity; + + [ Implemented(true), Description ( + "A syslog identifier string, usually carrying process name that " + "logged the message." ) ] + String SyslogIdentifier; + + [ Implemented(true), Description ( + "The systemd unit name, not set when message has not been logged " + "natively through journald (i.e. through syslog transport)." ) ] + String SystemdUnit; }; [ Version("0.4.1"), Provider("cmpi:cmpiLMI_Journald"), diff --git a/src/journald/instutil.c b/src/journald/instutil.c index b3987bc..0c716f8 100644 --- a/src/journald/instutil.c +++ b/src/journald/instutil.c @@ -92,6 +92,27 @@ static int dup_journal_data( return 0; } +static int get_journal_data_int( + sd_journal *j, + const char *key, + long int *out) +{ + int r; + gchar *d; + + *out = -1; + r = dup_journal_data(j, key, &d); + if (r >= 0 && d != NULL && strlen(d) > 0) { + char *conv_err = NULL; + long int i = strtol(d, &conv_err, 10); + if (conv_err == NULL || *conv_err == '\0') + *out = i; + g_free(d); + return 0; + } + return -1; +} + static int get_record_message(sd_journal *j, gboolean full_format, gchar **out) { int r; @@ -173,6 +194,7 @@ int create_LMI_JournalLogRecord(sd_journal *j, uint64_t usec; CMPIDateTime *date; gchar *d; + long int i; LMI_JournalLogRecord_Set_CreationClassName(rec, LMI_JournalLogRecord_ClassName); LMI_JournalLogRecord_Set_LogCreationClassName(rec, LMI_JournalMessageLog_ClassName); @@ -200,40 +222,67 @@ int create_LMI_JournalLogRecord(sd_journal *j, } /* Optional: PerceivedSeverity */ - r = dup_journal_data(j, "PRIORITY", &d); + if (get_journal_data_int(j, "PRIORITY", &i) >= 0) { + switch (i) { + case LOG_EMERG: + /* 7 - Fatal/NonRecoverable should be used to indicate an error occurred, + * but it's too late to take remedial action. */ + LMI_JournalLogRecord_Set_PerceivedSeverity_Fatal_NonRecoverable(rec); + break; + case LOG_ALERT: + case LOG_CRIT: + /* 6 - Critical should be used to indicate action is needed NOW and the scope + * is broad (perhaps an imminent outage to a critical resource will result). */ + LMI_JournalLogRecord_Set_PerceivedSeverity_Critical(rec); + break; + case LOG_ERR: + /* 4 - Minor should be used to indicate action is needed, but the situation + * is not serious at this time. */ + LMI_JournalLogRecord_Set_PerceivedSeverity_Minor(rec); + break; + case LOG_WARNING: + /* 3 - Degraded/Warning should be used when its appropriate to let the user + * decide if action is needed. */ + LMI_JournalLogRecord_Set_PerceivedSeverity_Degraded_Warning(rec); + break; + case LOG_NOTICE: + case LOG_INFO: + case LOG_DEBUG: + /* 2 - Information */ + LMI_JournalLogRecord_Set_PerceivedSeverity_Information(rec); + break; + } + if (i >= 0 && i <= LOG_DEBUG) + LMI_JournalLogRecord_Set_SyslogSeverity(rec, i); + } + + /* Optional: UID */ + if (get_journal_data_int(j, "_UID", &i) >= 0) + LMI_JournalLogRecord_Set_UserID(rec, i); + + /* Optional: GID */ + if (get_journal_data_int(j, "_GID", &i) >= 0) + LMI_JournalLogRecord_Set_GroupID(rec, i); + + /* Optional: PID */ + if (get_journal_data_int(j, "SYSLOG_PID", &i) >= 0 || get_journal_data_int(j, "_PID", &i) >= 0) + LMI_JournalLogRecord_Set_ProcessID(rec, i); + + /* Optional: Syslog facility */ + if (get_journal_data_int(j, "SYSLOG_FACILITY", &i) >= 0 && i < LOG_NFACILITIES) + LMI_JournalLogRecord_Set_SyslogFacility(rec, i); + + /* Optional: Syslog identifier */ + r = dup_journal_data(j, "SYSLOG_IDENTIFIER", &d); if (r >= 0 && d != NULL && strlen(d) > 0) { - char *conv_err = NULL; - long int i = strtol(d, &conv_err, 10); - if (conv_err == NULL || *conv_err == '\0') - switch (i) { - case LOG_EMERG: - /* 7 - Fatal/NonRecoverable should be used to indicate an error occurred, - * but it's too late to take remedial action. */ - LMI_JournalLogRecord_Set_PerceivedSeverity_Fatal_NonRecoverable(rec); - break; - case LOG_ALERT: - case LOG_CRIT: - /* 6 - Critical should be used to indicate action is needed NOW and the scope - * is broad (perhaps an imminent outage to a critical resource will result). */ - LMI_JournalLogRecord_Set_PerceivedSeverity_Critical(rec); - break; - case LOG_ERR: - /* 4 - Minor should be used to indicate action is needed, but the situation - * is not serious at this time. */ - LMI_JournalLogRecord_Set_PerceivedSeverity_Minor(rec); - break; - case LOG_WARNING: - /* 3 - Degraded/Warning should be used when its appropriate to let the user - * decide if action is needed. */ - LMI_JournalLogRecord_Set_PerceivedSeverity_Degraded_Warning(rec); - break; - case LOG_NOTICE: - case LOG_INFO: - case LOG_DEBUG: - /* 2 - Information */ - LMI_JournalLogRecord_Set_PerceivedSeverity_Information(rec); - break; - } + LMI_JournalLogRecord_Set_SyslogIdentifier(rec, d); + g_free(d); + } + + /* Optional: Systemd unit */ + r = dup_journal_data(j, "_SYSTEMD_UNIT", &d); + if (r >= 0 && d != NULL && strlen(d) > 0) { + LMI_JournalLogRecord_Set_SystemdUnit(rec, d); g_free(d); } |