From d8d49e0958352d99871bd658126cc5eceea37906 Mon Sep 17 00:00:00 2001 From: nasseeder1 Date: Wed, 20 Mar 2019 21:39:53 +0000 Subject: [PATCH] 93_Log2Syslog: parseProfile = Automatic for automatic protocol detection (default) if a collector is defined git-svn-id: https://svn.fhem.de/fhem/trunk@18981 2b470e98-0d58-463d-a4d8-8e2adae1ed80 --- fhem/CHANGED | 2 + fhem/FHEM/93_Log2Syslog.pm | 252 +++++++++++++++++++++++++++++-------- 2 files changed, 200 insertions(+), 54 deletions(-) diff --git a/fhem/CHANGED b/fhem/CHANGED index 03ab0a817..6b6a59386 100644 --- a/fhem/CHANGED +++ b/fhem/CHANGED @@ -1,5 +1,7 @@ # Add changes at the top of the list. Keep it in ASCII, and 80-char wide. # Do not insert empty lines here, update check depends on it. + - feature: 93_Log2Syslog: parseProfile = Automatic for automatic protocol + detection (default) if a collector is defined - feature: 93_DbRep: attribute "sqlCmdVars" to set SQL variables or PRAGMA before executing SQL statement with sqlCmd - feature: 74_Unifi: new attribute customClientReadings diff --git a/fhem/FHEM/93_Log2Syslog.pm b/fhem/FHEM/93_Log2Syslog.pm index cbaf7e41a..ef44eea89 100644 --- a/fhem/FHEM/93_Log2Syslog.pm +++ b/fhem/FHEM/93_Log2Syslog.pm @@ -40,6 +40,8 @@ eval "use Net::Domain qw(hostname hostfqdn hostdomain domainname);1" or my $Mis # Versions History intern: our %Log2Syslog_vNotesIntern = ( + "5.5.0" => "18.03.2019 prepare for Meta.pm ", + "5.4.0" => "17.03.2019 new feature parseProfile = Automatic ", "5.3.2" => "08.02.2019 fix version numbering ", "5.3.1" => "21.10.2018 get of FQDN changed ", "5.3.0" => "16.10.2018 attribute sslCertPrefix added (Forum:#92030), module hints & release info order switched ", @@ -93,6 +95,7 @@ our %Log2Syslog_vNotesIntern = ( # Versions History extern: our %Log2Syslog_vNotesExtern = ( + "5.4.0" => "17.03.2019 New feature parseProfile = Automatic. The module may detect the message format BSD or IETF automatically in server mode ", "5.3.2" => "08.02.2019 fix version numbering ", "5.3.0" => "16.10.2018 attribute sslCertPrefix added to support multiple SSL-keys (Forum:#92030)", "5.2.1" => "08.10.2018 Send format of BSD changed. The TAG-field was changed to \"IDENT[PID]: \" ", @@ -250,7 +253,7 @@ sub Log2Syslog_Initialize($) { "logFormat:BSD,IETF ". "makeEvent:no,intern,reading ". "outputFields:sortable-strict,PRIVAL,FAC,SEV,TS,HOST,DATE,TIME,ID,PID,MID,SDFIELD,CONT ". - "parseProfile:BSD,IETF,TPLink-Switch,raw,ParseFn ". + "parseProfile:Automatic,BSD,IETF,TPLink-Switch,raw,ParseFn ". "parseFn:textField-long ". "respectSeverity:multiple-strict,Emergency,Alert,Critical,Error,Warning,Notice,Informational,Debug ". "octetCount:1,0 ". @@ -263,7 +266,10 @@ sub Log2Syslog_Initialize($) { "rateCalcRerun ". $readingFnAttributes ; -return undef; + + # FHEM::Meta::InitMod( __FILE__, $hash ); # für Meta.pm (https://forum.fhem.de/index.php/topic,97589.0.html) + +return; } ############################################################################### @@ -288,10 +294,10 @@ sub Log2Syslog_Define($@) { if(int(@a)-3 < 0){ # Einrichtung Servermode (Collector) - Log2Syslog_Log3slog ($hash, 3, "Log2Syslog $name - entering Syslog servermode ..."); - $hash->{MODEL} = "Collector"; - $hash->{PROFILE} = "IETF"; + $hash->{MODEL} = "Collector"; + $hash->{PROFILE} = "Automatic"; readingsSingleUpdate ($hash, 'Parse_Err_No', 0, 1); # Fehlerzähler für Parse-Errors auf 0 + Log2Syslog_Log3slog ($hash, 3, "Log2Syslog $name - entering Syslog servermode ..."); Log2Syslog_initServer("$name,global"); } else { # Sendermode @@ -315,7 +321,7 @@ sub Log2Syslog_Define($@) { } $hash->{SEQNO} = 1; # PROCID in IETF, wird kontinuierlich hochgezählt - $hash->{VERSION} = (reverse sort(keys %Log2Syslog_vNotesIntern))[0]; + $logInform{$hash->{NAME}} = "Log2Syslog_fhemlog"; # Funktion die in hash %loginform für $name eingetragen wird $hash->{HELPER}{SSLVER} = "n.a."; # Initialisierung $hash->{HELPER}{SSLALGO} = "n.a."; # Initialisierung @@ -323,6 +329,9 @@ sub Log2Syslog_Define($@) { $hash->{HELPER}{OLDSEQNO} = $hash->{SEQNO}; # Init Sequenznummer f. Ratenbestimmung $hash->{HELPER}{OLDSTATE} = "initialized"; + # Versionsinformationen setzen + Log2Syslog_setVersionInfo($hash); + readingsBeginUpdate($hash); readingsBulkUpdate($hash, "SSL_Version", "n.a."); readingsBulkUpdate($hash, "SSL_Algorithm", "n.a."); @@ -424,21 +433,21 @@ sub Log2Syslog_Read($@) { my $name = $hash->{NAME}; return if(IsDisabled($name) || Log2Syslog_IsMemLock($hash)); - my $pp = AttrVal($name, "parseProfile", "IETF"); + my $pp = $hash->{PROFILE}; my $mevt = AttrVal($name, "makeEvent", "intern"); # wie soll Reading/Event erstellt werden my $sevevt = AttrVal($name, "respectSeverity", ""); # welcher Schweregrad soll berücksichtigt werden (default: alle) if($pp =~ /BSD/) { # BSD-Format - $len = $RFC3164len{DL}; + $len = $RFC3164len{DL}; } elsif ($pp =~ /IETF/) { # IETF-Format - $len = $RFC5425len{DL}; + $len = $RFC5425len{DL}; } else { # raw oder User eigenes Format - $len = 8192; + $len = 8192; } if($socket) { @@ -624,7 +633,7 @@ return ($st,$data,$hash); sub Log2Syslog_parsePayload($$) { my ($hash,$data) = @_; my $name = $hash->{NAME}; - my $pp = AttrVal($name, "parseProfile", "IETF"); + my $pp = AttrVal($name, "parseProfile", $hash->{PROFILE}); my $severity = ""; my $facility = ""; my @evf = split(",",AttrVal($name, "outputFields", "FAC,SEV,ID,CONT")); # auszugebene Felder im Event/Reading @@ -658,8 +667,28 @@ sub Log2Syslog_parsePayload($$) { my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime(time); # Istzeit Ableitung $year = $year+1900; - if ($pp =~ /raw/) { - Log2Syslog_Log3slog($name, 4, "$name - $data"); + if($pp =~ /^Automatic/) { + $pp = "unknown"; + Log2Syslog_Log3slog($name, 4, "Log2Syslog $name - Analyze message format automatically ..."); + $data =~ /^<(?\d{1,3})>(?\w{3}).*$/; + $tail = $+{tail}; + # Test auf BSD-Format + if($tail && " Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec " =~ /\s$tail\s/) { + $pp = "BSD"; + } else { + # Test auf IETF-Format + $data =~ /^<(?\d{1,3})>(?\d{0,2})\s?(?\d{4}-\d{2}-\d{2})T(?