tyler.durden/loganalyzer
1
0
Fork 0
mirror of https://github.com/rsyslog/loganalyzer.git synced 2025-09-26 11:19:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Changed WinSyslog line parser, so it is more variable

Browse Source
This commit is contained in:
Andre Lorbach 2008-09-01 17:31:06 +02:00
parent 527abd30da
commit 378006eb14
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/classes/logstreamlineparserwinsyslog.class.php
View File

@ -66,7 +66,7 @@ class LogStreamLineParserwinsyslog extends LogStreamLineParser {
$arrArguments[SYSLOG_MESSAGETYPE] = IUT_Syslog; $arrArguments[SYSLOG_MESSAGETYPE] = IUT_Syslog;
// Sample (WinSyslog/EventReporter): 2008-04-02,15:19:06,2008-04-02,15:19:06,127.0.0.1,16,5,EvntSLog: Performance counters for the RSVP (QoS RSVP) service were loaded successfully. // Sample (WinSyslog/EventReporter): 2008-04-02,15:19:06,2008-04-02,15:19:06,127.0.0.1,16,5,EvntSLog: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
if ( preg_match("/([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2},[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2},[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),(.*?),([0-9]{1,2}),([0-9]{1,2}),(.*?):(.*?)$/", $szLine, $out ) ) if ( preg_match("/([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2}.[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2}.[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),(.*?),([0-9]{1,2}),([0-9]{1,2}),(.*?):(.*?)$/", $szLine, $out ) )
{ {
// Copy parsed properties! // Copy parsed properties!
$arrArguments[SYSLOG_DATE] = GetEventTime($out[1]); $arrArguments[SYSLOG_DATE] = GetEventTime($out[1]);
@ -76,7 +76,7 @@ class LogStreamLineParserwinsyslog extends LogStreamLineParser {
$arrArguments[SYSLOG_SYSLOGTAG] = $out[6]; $arrArguments[SYSLOG_SYSLOGTAG] = $out[6];
$arrArguments[SYSLOG_MESSAGE] = $out[7]; $arrArguments[SYSLOG_MESSAGE] = $out[7];
} }
else if ( preg_match("/([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2},[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2},[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),(.*?),([0-9]{1,2}),([0-9]{1,2}),(.*?)$/", $szLine, $out ) ) else if ( preg_match("/([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2}.[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),([0-9]{4,4}-[0-9]{1,2}-[0-9]{1,2}.[0-9]{1,2}:[0-9]{1,2}:[0-9]{1,2}),(.*?),([0-9]{1,2}),([0-9]{1,2}),(.*?)$/", $szLine, $out ) )
{ {
// Copy parsed properties! // Copy parsed properties!
$arrArguments[SYSLOG_DATE] = GetEventTime($out[1]); $arrArguments[SYSLOG_DATE] = GetEventTime($out[1]);