|
1
|
|
|
<?php declare(strict_types=1); |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* ___ _ |
|
5
|
|
|
* | _ \__ _ _ _ __| |___ __ _ |
|
6
|
|
|
* | _/ _` | '_(_-< / _ \/ _` | |
|
7
|
|
|
* |_| \__,_|_| /__/_\___/\__, | |
|
8
|
|
|
* |___/ |
|
9
|
|
|
* |
|
10
|
|
|
* (c) Kristuff <[email protected]> |
|
11
|
|
|
* |
|
12
|
|
|
* For the full copyright and license information, please view the LICENSE |
|
13
|
|
|
* file that was distributed with this source code. |
|
14
|
|
|
* |
|
15
|
|
|
* @version 0.7.2 |
|
16
|
|
|
* @copyright 2017-2021 Kristuff |
|
17
|
|
|
*/ |
|
18
|
|
|
|
|
19
|
|
|
namespace Kristuff\Parselog\Software; |
|
20
|
|
|
|
|
21
|
|
|
use Kristuff\Parselog\Core\LogEntryFactoryInterface; |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* |
|
25
|
|
|
* Aug 15 10:39:01 domain CRON[25038]: (root) CMD ( [ -x /usr/lib/php/sessionclean ] && if [ ! -d /run/systemd/system ]; then /usr/lib/php/sessionclean; fi) |
|
26
|
|
|
* Oct 2 14:51:43 domain systemd-logind[342]: New session 827 of user XXX |
|
27
|
|
|
* Oct 2 14:51:49 domain su: (to root) xxx on pts/1 |
|
28
|
|
|
*/ |
|
29
|
|
|
class SyslogParser extends SoftwareLogParser |
|
30
|
|
|
{ |
|
31
|
|
|
/** |
|
32
|
|
|
* Constructor |
|
33
|
|
|
* |
|
34
|
|
|
* @access public |
|
35
|
|
|
* @param string $format |
|
36
|
|
|
* @param LogEntryFactoryInterface $factory |
|
37
|
|
|
* |
|
38
|
|
|
* @return void |
|
39
|
|
|
*/ |
|
40
|
|
|
public function __construct(string $format = null, LogEntryFactoryInterface $factory = null) |
|
41
|
|
|
{ |
|
42
|
|
|
$this->software = 'Syslog'; |
|
43
|
|
|
$this->prettyName = 'Syslog'; |
|
44
|
|
|
|
|
45
|
|
|
$this->addFormat('default', '%t %h %s%p: %m'); |
|
46
|
|
|
$this->defaultFormat = '%t %h %s%p: %m'; |
|
47
|
|
|
|
|
48
|
|
|
$this->addPath("/var/log/"); |
|
49
|
|
|
$this->addFile("syslog"); |
|
50
|
|
|
$this->addFile("kern.log"); |
|
51
|
|
|
$this->addFile("auth.log"); |
|
52
|
|
|
$this->addFile("daemon.log"); |
|
53
|
|
|
$this->addFile("mail.err"); |
|
54
|
|
|
$this->addFile("mail.warn"); |
|
55
|
|
|
$this->addFile("mail.info"); |
|
56
|
|
|
$this->addFile("user"); |
|
57
|
|
|
$this->addFile("messages"); |
|
58
|
|
|
|
|
59
|
|
|
$this->addPattern('%t', '(?P<time>(?:Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) (\s\d|\d{2}) \d{2}:\d{2}:\d{2})'); |
|
60
|
|
|
$this->addPattern('%h', '(?P<hostname>.+?)'); |
|
61
|
|
|
$this->addPattern('%s', '(?P<service>[^\[:]+)'); |
|
62
|
|
|
$this->addPattern('%p', '(\[(?P<pid>\d+)\])?'); |
|
63
|
|
|
$this->addPattern('%m', '(?P<message>.+)'); |
|
64
|
|
|
|
|
65
|
|
|
parent::__construct($format, $factory); |
|
66
|
|
|
} |
|
67
|
|
|
} |
kristuff /
parselog
