Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Revert "Imported Upstream version 2.7.1191"

This reverts commit a55964b.
commit 5f7328e4aad94cdc94ba38fe933d0626d3a5ca63 1 parent a55964b
@lamby authored
Showing with 1,121 additions and 4,520 deletions.
  1. +0 −44 ChangeLog.txt
  2. +12 −88 LICENSE
  3. BIN  LICENSE.pdf
  4. +1 −3 Makefile.am
  5. +1 −5 Makefile.in
  6. +1 −1  VERSION
  7. +28 −86 configure
  8. +2 −27 configure.in
  9. +0 −2  doc/Makefile.in
  10. +0 −2  doc/reference-manual/Makefile.in
  11. +0 −3  doc/reference-manual/config-examples/Makefile.am
  12. +0 −5 doc/reference-manual/config-examples/Makefile.in
  13. +2 −2 doc/reference-manual/config-examples/config-example-cisco_acs.out.xml
  14. +0 −1  doc/reference-manual/config-examples/{config-example-xm_gelf_csv.xml → config-example-gelf.xml}
  15. +0 −3  doc/reference-manual/config-examples/config-example-w3c.xml
  16. +0 −26 doc/reference-manual/config-examples/config-example-wtmp2json.xml
  17. +0 −44 doc/reference-manual/config-examples/config-example-xm_gelf_file.xml
  18. +2 −0  doc/reference-manual/config-examples/config-example-xm_multiline1.in.xml
  19. +0 −1  doc/reference-manual/config-examples/config-example-xm_multiline1.out.xml
  20. +0 −2  doc/reference-manual/config-examples/config-example-xm_multiline4.out.xml
  21. +0 −42 doc/reference-manual/config-examples/config-example-xm_multiline5.conf.xml
  22. +0 −20 doc/reference-manual/config-examples/config-example-xm_multiline5.in.xml
  23. +0 −6 doc/reference-manual/config-examples/config-example-xm_multiline5.out.xml
  24. +0 −53 doc/reference-manual/config-examples/config-example-xm_syslog_file_bsd_udp.xml
  25. +1 −4 doc/reference-manual/config-examples/example-xml.sh
  26. +0 −1  doc/reference-manual/config-examples/{xm_gelf_csv.conf → gelf.conf}
  27. +0 −7 doc/reference-manual/config-examples/parsedate.stmnt
  28. +0 −11 doc/reference-manual/config-examples/stmnt-example-parsedate.xml
  29. +0 −3  doc/reference-manual/config-examples/w3c.conf
  30. +0 −24 doc/reference-manual/config-examples/wtmp2json.conf
  31. +0 −42 doc/reference-manual/config-examples/xm_gelf_file.conf
  32. +0 −51 doc/reference-manual/config-examples/xm_syslog_file_bsd_udp.conf
  33. +0 −2  doc/reference-manual/en/Makefile.in
  34. +3 −3 doc/reference-manual/en/apidoc-core.xml
  35. +0 −51 doc/reference-manual/en/apidoc-xm_fileop.xml
  36. +3 −3 doc/reference-manual/en/apidoc-xm_syslog.xml
  37. +1 −1  doc/reference-manual/en/architecture.xml
  38. +13 −1 doc/reference-manual/en/forwarding.xml
  39. +0 −1  doc/reference-manual/en/modules.xml
  40. +0 −12 doc/reference-manual/en/modules/extension/csv.xml
  41. +3 −20 doc/reference-manual/en/modules/extension/gelf.xml
  42. +5 −20 doc/reference-manual/en/modules/extension/multiline.xml
  43. +0 −10 doc/reference-manual/en/modules/extension/syslog.xml
  44. +0 −40 doc/reference-manual/en/modules/extension/wtmp.xml
  45. +0 −83 doc/reference-manual/en/modules/input/file.xml
  46. +1 −1  doc/reference-manual/en/modules/input/msvistalog.xml
  47. +1 −1  doc/reference-manual/en/modules/output/blocker.xml
  48. +3 −7 doc/reference-manual/en/modules/output/file.xml
  49. +181 −467 doc/reference-manual/en/nxlog-reference-manual.html
  50. BIN  doc/reference-manual/en/nxlog-reference-manual.pdf
  51. +175 −544 doc/reference-manual/en/nxlog-reference-manual.txt
  52. +6 −6 doc/reference-manual/en/processing.xml
  53. +1 −1  doc/reference-manual/en/quickstart.xml
  54. +0 −2  doc/reference-manual/hu/Makefile.in
  55. +1 −1  libtool
  56. +1 −1  packaging/aix/init
  57. +2 −2 packaging/aix/nxlog.spec
  58. +1 −1  packaging/debian/control.Debian-squeeze
  59. +1 −1  packaging/debian/control.Debian-wheezy
  60. +1 −1  packaging/debian/control.default
  61. +72 −86 packaging/debian/copyright
  62. +1 −1  packaging/debian/nxlog.init
  63. +4 −1 packaging/debian/postinst
  64. +5 −2 packaging/debian/postrm
  65. +0 −39 packaging/macosx/buildpkg.sh
  66. +0 −18 packaging/macosx/nxlog.conf
  67. +1 −1  packaging/redhat/init
  68. +2 −2 packaging/redhat/nxlog.spec
  69. +2 −2 packaging/redhat/nxlog.spec.RHEL5
  70. +1 −1  packaging/redhat/nxlog.spec.RHEL5.in
  71. +1 −1  packaging/redhat/nxlog.spec.in
  72. +1 −1  packaging/suse/init
  73. +1 −1  packaging/suse/nxlog.spec.SLES11
  74. BIN  packaging/windows/license.rtf
  75. +4 −7 packaging/windows/nxlog.wxs
  76. +1 −4 packaging/windows/nxlog.wxs.in
  77. +1 −1  packaging/windows/pkgmsi.sh
  78. +0 −2  src/Makefile.in
  79. +0 −2  src/common/Makefile.in
  80. +0 −3  src/common/config.h.in
  81. +4 −9 src/common/config_cache.c
  82. +151 −71 src/common/confparser.c
  83. +3 −3 src/common/core-api.xml
  84. +2 −5 src/common/error_debug.c
  85. +9 −28 src/common/expr-core-funcproc-cb.c
  86. +1 −2  src/common/expr-parser.c
  87. +0 −5 src/common/expr-parser.h
  88. +1 −7 src/common/expr.c
  89. +0 −1  src/common/expr.h
  90. +0 −5 src/common/logdata-serialize.c
  91. +2 −3 src/common/logdata.c
  92. +3 −20 src/common/module.c
  93. +1 −3 src/common/module.h
  94. +0 −1  src/common/str.c
  95. +1 −1  src/common/strptime.c
  96. +1 −3 src/common/types.h
  97. +2 −7 src/common/value.c
  98. +0 −1  src/common/writerfuncs.c
  99. +0 −2  src/core/Makefile.in
  100. +3 −3 src/core/ctx.c
  101. +1 −6 src/core/main-win32.c
  102. +2 −4 src/core/nxlog.c
  103. +18 −26 src/core/router.c
  104. +0 −2  src/modules/Makefile.in
  105. +1 −1  src/modules/extension/Makefile.am
  106. +1 −3 src/modules/extension/Makefile.in
  107. +0 −2  src/modules/extension/charconv/Makefile.in
  108. +0 −2  src/modules/extension/csv/Makefile.in
  109. +7 −16 src/modules/extension/csv/csv.c
  110. +0 −1  src/modules/extension/csv/csv.h
  111. +0 −8 src/modules/extension/csv/xm_csv.c
  112. +0 −2  src/modules/extension/exec/Makefile.in
  113. +0 −2  src/modules/extension/fileop/Makefile.in
  114. +1 −18 src/modules/extension/fileop/expr-xm_fileop-funcproc.c
  115. +1 −2  src/modules/extension/fileop/expr-xm_fileop-funcproc.h
  116. +0 −28 src/modules/extension/fileop/xm_fileop-api.xml
  117. +5 −122 src/modules/extension/fileop/xm_fileop_funcproc_cb.c
  118. +0 −2  src/modules/extension/gelf/Makefile.in
  119. +0 −2  src/modules/extension/json/Makefile.in
  120. +0 −2  src/modules/extension/json/yajl/Makefile.in
  121. +0 −2  src/modules/extension/kvp/Makefile.in
  122. +0 −2  src/modules/extension/multiline/Makefile.in
  123. +1 −54 src/modules/extension/multiline/xm_multiline.c
  124. +0 −2  src/modules/extension/perl/Makefile.in
  125. +5 −29 src/modules/extension/perl/xm_perl.c
  126. +3 −2 src/modules/extension/perl/xm_perl.h
  127. +30 −1 src/modules/extension/perl/xm_perl_funcproc_cb.c
  128. +0 −2  src/modules/extension/syslog/Makefile.in
  129. +27 −57 src/modules/extension/syslog/syslog.c
  130. +3 −3 src/modules/extension/syslog/xm_syslog-api.xml
  131. +1 −1  src/modules/extension/syslog/xm_syslog.c
  132. +0 −8 src/modules/extension/wtmp/Makefile.am
  133. +0 −562 src/modules/extension/wtmp/Makefile.in
  134. +0 −236 src/modules/extension/wtmp/xm_wtmp.c
  135. +0 −22 src/modules/extension/wtmp/xm_wtmp.h
  136. +0 −2  src/modules/extension/xml/Makefile.in
  137. +0 −2  src/modules/input/Makefile.in
  138. +0 −2  src/modules/input/dbi/Makefile.in
  139. +0 −2  src/modules/input/exec/Makefile.in
  140. +4 −24 src/modules/input/exec/im_exec.c
  141. +0 −1  src/modules/input/exec/im_exec.h
  142. +0 −2  src/modules/input/file/Makefile.in
  143. +188 −479 src/modules/input/file/im_file.c
  144. +1 −10 src/modules/input/file/im_file.h
  145. +0 −2  src/modules/input/internal/Makefile.in
  146. +0 −2  src/modules/input/kernel/Makefile.in
  147. +0 −2  src/modules/input/mark/Makefile.in
  148. +0 −2  src/modules/input/mseventlog/Makefile.in
  149. +56 −116 src/modules/input/mseventlog/im_mseventlog.c
  150. +7 −7 src/modules/input/mseventlog/im_mseventlog.h
  151. +0 −2  src/modules/input/msvistalog/Makefile.in
  152. +3 −10 src/modules/input/msvistalog/im_msvistalog.c
  153. +0 −2  src/modules/input/null/Makefile.in
  154. +0 −2  src/modules/input/ssl/Makefile.in
  155. +0 −1  src/modules/input/ssl/im_ssl.c
  156. +0 −2  src/modules/input/tcp/Makefile.in
  157. +0 −2  src/modules/input/testgen/Makefile.in
  158. +0 −2  src/modules/input/udp/Makefile.in
  159. +0 −2  src/modules/input/uds/Makefile.in
  160. +0 −2  src/modules/output/Makefile.in
  161. +0 −2  src/modules/output/blocker/Makefile.in
  162. +0 −2  src/modules/output/dbi/Makefile.in
  163. +0 −2  src/modules/output/exec/Makefile.in
  164. +0 −2  src/modules/output/file/Makefile.in
  165. +1 −1  src/modules/output/file/om_file.c
  166. +0 −2  src/modules/output/http/Makefile.in
  167. +3 −2 src/modules/output/http/om_http.c
  168. +0 −2  src/modules/output/null/Makefile.in
  169. +0 −2  src/modules/output/ssl/Makefile.in
  170. +0 −2  src/modules/output/tcp/Makefile.in
  171. +0 −2  src/modules/output/udp/Makefile.in
  172. +0 −2  src/modules/output/uds/Makefile.in
  173. +0 −2  src/modules/processor/Makefile.in
  174. +0 −2  src/modules/processor/blocker/Makefile.in
  175. +0 −2  src/modules/processor/buffer/Makefile.in
  176. +3 −4 src/modules/processor/buffer/pm_buffer.c
  177. +0 −2  src/modules/processor/evcorr/Makefile.in
  178. +0 −2  src/modules/processor/filter/Makefile.in
  179. +0 −2  src/modules/processor/norepeat/Makefile.in
  180. +0 −2  src/modules/processor/null/Makefile.in
  181. +0 −2  src/modules/processor/pattern/Makefile.in
  182. +4 −7 src/modules/processor/pattern/patterndb.c
  183. +0 −2  src/modules/processor/transformer/Makefile.in
  184. +0 −2  src/utils/Makefile.in
  185. +1 −1  svn_version.txt
  186. +0 −2  test/Makefile.in
  187. +0 −2  test/common/Makefile.in
  188. +0 −16 test/common/statements/good/csv-8
  189. +0 −6 test/common/statements/good/csv-8.conf
  190. +0 −2  test/common/statements/good/datefuncs-1
  191. +0 −4 test/common/statements/good/drop-1
  192. +0 −8 test/common/statements/good/regexp-3
  193. +0 −10 test/common/statements/good/regexpreplace-3
  194. +0 −3  test/common/statements/good/strptime-1
  195. +0 −12 test/common/statements/good/syslog-6
  196. +0 −4 test/common/statements/good/syslog-6.conf
  197. +1 −9 test/common/statements/good/syslog-bsd
  198. +1 −0  test/common/statements/good/syslog-ietf
  199. +0 −2  test/coresrc/Makefile.in
  200. +0 −1  test/module-tester.sh
  201. +2 −2 test/modules/extension/kvp/cisco_acs.out
  202. +0 −4 test/modules/extension/multiline/xm_multiline.txt
  203. +2 −0  test/modules/extension/multiline/xm_multiline1.in
  204. +0 −1  test/modules/extension/multiline/xm_multiline1.out
  205. +0 −2  test/modules/extension/multiline/xm_multiline4.out
  206. +0 −39 test/modules/extension/multiline/xm_multiline5.conf
  207. +0 −16 test/modules/extension/multiline/xm_multiline5.in
  208. +0 −2  test/modules/extension/multiline/xm_multiline5.out
  209. +0 −21 test/modules/extension/wtmp/xm_wtmp.conf
  210. BIN  test/modules/extension/wtmp/xm_wtmp.in
  211. +0 −121 test/modules/extension/wtmp/xm_wtmp.out
  212. +0 −6 test/modules/extension/wtmp/xm_wtmp.txt
  213. +3 −7 test/tester.pl
View
44 ChangeLog.txt
@@ -1,47 +1,3 @@
- A regression caused a crash with im_file when the File did not exist.
- A typo in the code was causing a memory leak with rename_field().
-* 2014-02-03 2.7.1189
- The LICENSE has changed.
- Added a new extension module to parse binary wtmp files on Linux.
- Fixed a regression causing a crash after the 'failed to determine FQDN hostname' error message.
- The to_syslog_*() procedures can now use $raw_event if $Message is unset to make it easier to convert to syslog.
- Added a fix to im_msvistalog to handle the "EvtNext failed with error 13: The data is invalid." error better.
- The im_file module now emits the last event when using with the xm_multiline extension.
- Fixed the issue with more than 20 fiels and xm_multiline reported in ticket #33.
- Json parse errors in raw_event could cause a double free resulting in a crash or undefined behavior.
- It is now possible to use multiple instances of xm_perl.
- Disallow using a single processor module instance in multiple routes.
- The file_chown() procedure in xm_fileop works with user/group names in addtion to uid/gid values.
- CloseWhenIdle directive for im_file.
- File removal in some circumstances caused im_file to emit "input file does not exist" messages on windows.
- In same rare cases im_file would give a panic on windows with "im_file got EAGAIN for read".
- The regexp replacement operator s/// was leaking memory.
- In some circumstances excess CPU was used when im_file watched several files.
- Added some more performance optimizations to im_file to handle a large number of wildcarded files
- so that it should consume less resources than before. It also comes with a new DirCheckInterval and
- an ActiveFiles directive which can help in some cases when monitoring wildcarded files.
- Added a RenameCheck directive to im_file which should help detecting renamed/rotated files.
- The deb installer got stuck after trying to (re)start the daemon.
-* 2013-10-14 2.6.1131
- Service control manager could not properly shut down the service on windows2003 and possibly other windows
- versions. This could have resulted in unsaved positions and duplicated log collection on system restart.
- Fixed a panic in nx_config_cache_write() during shutdown.
- Fixed an assertion failure when pm_pattern was trying to set an invalid datetime field.
- The installer adds 'eventlog' as a dependency for the nxlog service.
- Some error conditions (e.g. The interface is unknown, Access is denied, Invalid parameter, etc) should be
- handled better now by im_mseventlog.
- The reroute() and add_to_route() procedures were leaking memory.
- Some xm_fileop procedures did not work properly on windows, e.g. file_remove() with wildcards.
- im_exec was consuming excess CPU on windows in some cases.
- Fixed a memory leak in pm_buffer.
- Added xm_kvp to the windows wix build script so that it is now included in the msi package.
- Added an UndefValue directive to the xm_csv module to make parsing W3C logs containing the dash "-" more painless.
- The parsedate() function now returns an undefined datetime type instead of aborting execution with an error.
- The drop() procedure now aborts further evaluation of statements so that an else branch is no longer
- required when dropping events conditionally.
- Suppress repeating "failed to open directory" error messages in im_file.
- Fixed bad filenames in logged config locations caused by the include directive.
- Experimental MacOSX port.
* 2013-07-04 2.5.1089
An SSL cert verification failure caused successive verifications to fail in im_ssl and related modules.
Potentially fixed im_file giving "Partial results are valid but processing is incomplete" errors.
View
100 LICENSE
@@ -1,92 +1,16 @@
-NXLOG PUBLIC LICENSE v1.0
+NXLOG COMMUNITY EDITION
+http://nxlog.org
+Copyright 2010-2013 nxsec.com
-1. DEFINITIONS
-“License” shall mean version 1.0 of the NXLOG PUBLIC LICENSE, i.e. the
-terms and conditions set forth in this document;
-“Software” shall mean the source code and object code form, all associated
-media, printed materials, and "online" or electronic documentation. All
-such software and materials are referred to herein as the "Software" and
-are copyrighted by Licensor;
-“Licensor” refers to the copyright holder of the Software, i.e. nxsec.com.
+Unless otherwise noted, this software is licensed under the terms of the
+ * GPL v2 for source files under src/modules
+ * LGPL v2.1 for source files under src/common, src/core and src/utils
-2. GRANT OF LICENSE
-Licensor hereby grants you the following rights, provided that you comply
-with all of the restrictions set forth in this License and provided,
-further, that you distribute an unmodified copy of this License with the
-Software:
-i. You may copy and distribute verbatim (i.e. unmodified) copies of the
-Software as you receive it, in any medium;
-ii. You may modify the Software, create works based on the Software and
-distribute copies of such, in any medium.
+You should be able to obtain a copy of these licenses from the following
+locations:
+ http://www.gnu.org/licenses/gpl-2.0.txt
+ http://www.gnu.org/licenses/lgpl-2.1.txt
-By downloading, using, modifying and copying the Software (or any work
-based on the Software), you indicate your acceptance of this license to
-do so, and all its terms and conditions for using, copying, distributing
-and modifying the Software or works based on it. Nothing other than this
-license grants you permission to modify, distribute the program or its
-derivative works. If you do not accept these terms and conditions, do not
-use, modify or distribute the Software.
-3. RESTRICTIONS ON COPYING, DISTRIBUTION AND USE
-The Software may be copied and distributed with or without modifications
-in source code and object code form and may be used for commercial and
-non-commercial purposes provided that the following restrictions are met:
-i. Distribution of the Software is prohibited if any payment is made in
-connection with such distribution. You may only charge a reasonable fee
-to cover the costs of copying and redistribution;
-ii. Bundling the Software with a commercial product or using it to
-provide commercial services is prohibited if your product or service
-explicitly depends on the Software to be able to operate or function.
-You may use the Software without modifications to provide commercial
-services or to bundle it with your product provided that your service or
-product can also operate or function without the Software.
-A commercial license is available if you wish to incorporate the Software
-into your product or service which explicitly depends on the Software to
-be able to operate or function.
-
-4. RESTRICTIONS ON MODIFICATION AND DERIVATIVE WORKS
-The Software may be modified and derivative works may be distributed only
-under the terms of this license with the following restrictions:
-i. Any modifications and enhancements to the Software, including any newly
-developed scripts, libraries, modules that depend on the Software, are
-considered derivative works (“Derivative Work”).
-ii. If you have modified the Software or created Derivative Work, you
-must cause the work to carry prominent notices stating that you have
-modified the Software's files and the date of any change. In each source
-file that you have modified, you must include a prominent notice that you
-have modified the file, including your name, your e-mail address (if
-any), and the date and purpose of the change;
-iii. All Derivative Works must be made public in source code form by
-making it accessible for download over the internet. You must also notify
-Licensor about the Derivative Work in e-mail;
-iv. All Derivative works must be distributed with an unmodified copy of
-this License;
-v. By creating a Derivative Work, you assign all copyrights relating to
-the modifications to Licensor. You acknowledge that Licensor will own all
-copyrights and Licensor may use and distribute the Derivative Work to
-third parties under different terms from that of this License.
-
-5. NO WARRANTIES
-The Software is provided “AS IS” and Licensor makes no warranty as to its
-use, performance, or otherwise. To the maximum extent permitted by
-applicable law, Licensor disclaims all other representations, warranties,
-and conditions, express, implied, statutory, or otherwise, including, but
-not limited to, implied warranties or conditions of merchantability,
-satisfactory quality, fitness for a particular purpose, title, and
-non-infringement. The entire risk arising out of use or performance of
-the Software remains with you.
-
-6. LIMITATION OF LIABILITY
-This limitation of liability is to the maximum extent permitted by
-applicable law. In no event shall Licensor be liable for any costs of
-substitute products or services, or for any special, incidental,
-indirect, or consequential damages whatsoever (including, without
-limitation, damages for loss of business profits, business interruption,
-or loss of business information) arising out of the use or inability to
-use the Software, even if Licensor has been advised of the possibility of
-such damages. In any case, Licensor's entire liability arising out of
-this Agreement shall be limited to the greater of the amount actually
-paid for the Software; provided, however, that if you have entered into a
-Technical Services Support Agreement, Licensor's entire liability
-regarding support services shall be governed by the terms of that
-agreement.
+This product includes software developed by the OpenSSL Project
+for use in the OpenSSL Toolkit. (http://www.openssl.org/)
View
BIN  LICENSE.pdf
Binary file not shown
View
4 Makefile.am
@@ -7,7 +7,7 @@ maintainer-clean-local:
changelog_DATA = ChangeLog.txt
changelogdir = $(docdir)
-EXTRA_DIST = autogen.sh libtool svn_version.txt version.sh VERSION $(changelog_DATA) LICENSE LICENSE.pdf $(wildcard parsers/*.conf) \
+EXTRA_DIST = autogen.sh libtool svn_version.txt version.sh VERSION $(changelog_DATA) LICENSE $(wildcard parsers/*.conf) \
$(wildcard packaging/debian/*.pem) \
packaging/aix/nxlog.spec \
packaging/aix/init \
@@ -27,8 +27,6 @@ EXTRA_DIST = autogen.sh libtool svn_version.txt version.sh VERSION $(changelog_D
packaging/debian/postrm \
packaging/debian/rules \
packaging/debian/source/format \
- packaging/macosx/buildpkg.sh \
- packaging/macosx/nxlog.conf \
packaging/windows/license.rtf \
packaging/windows/nxlog.conf \
packaging/windows/nxlog.wxs \
View
6 Makefile.in
@@ -134,7 +134,6 @@ distuninstallcheck_listfiles = find . -type f -print
distcleancheck_listfiles = find . -type f -print
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
-APRCONFIG = @APRCONFIG@
APR_CFLAGS = @APR_CFLAGS@
APR_LIBS = @APR_LIBS@
AR = @AR@
@@ -208,7 +207,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
-PCRECONFIG = @PCRECONFIG@
PCRE_CFLAGS = @PCRE_CFLAGS@
PCRE_LIBS = @PCRE_LIBS@
PERL = @PERL@
@@ -284,7 +282,7 @@ top_srcdir = @top_srcdir@
SUBDIRS = src test doc
changelog_DATA = ChangeLog.txt
changelogdir = $(docdir)
-EXTRA_DIST = autogen.sh libtool svn_version.txt version.sh VERSION $(changelog_DATA) LICENSE LICENSE.pdf $(wildcard parsers/*.conf) \
+EXTRA_DIST = autogen.sh libtool svn_version.txt version.sh VERSION $(changelog_DATA) LICENSE $(wildcard parsers/*.conf) \
$(wildcard packaging/debian/*.pem) \
packaging/aix/nxlog.spec \
packaging/aix/init \
@@ -304,8 +302,6 @@ EXTRA_DIST = autogen.sh libtool svn_version.txt version.sh VERSION $(changelog_D
packaging/debian/postrm \
packaging/debian/rules \
packaging/debian/source/format \
- packaging/macosx/buildpkg.sh \
- packaging/macosx/nxlog.conf \
packaging/windows/license.rtf \
packaging/windows/nxlog.conf \
packaging/windows/nxlog.wxs \
View
2  VERSION
@@ -1 +1 @@
-2.7
+2.5
View
114 configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.67 for nxlog-ce 2.7.1191.
+# Generated by GNU Autoconf 2.67 for nxlog-ce 2.5.1089.
#
# Report bugs to <support@nxlog.org>.
#
@@ -701,8 +701,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='nxlog-ce'
PACKAGE_TARNAME='nxlog-ce'
-PACKAGE_VERSION='2.7.1191'
-PACKAGE_STRING='nxlog-ce 2.7.1191'
+PACKAGE_VERSION='2.5.1089'
+PACKAGE_STRING='nxlog-ce 2.5.1089'
PACKAGE_BUGREPORT='support@nxlog.org'
PACKAGE_URL=''
@@ -768,8 +768,6 @@ APR_LIBS
MAINTAINERCLEANFILES
CLEANFILES
INCLUDES
-BUILD_XM_WTMP_FALSE
-BUILD_XM_WTMP_TRUE
WIN32_FALSE
WIN32_TRUE
BUILD_MSEVENTLOG_FALSE
@@ -788,7 +786,6 @@ HAVE_ZLIB_TRUE
HAVE_LIBDBI_FALSE
HAVE_LIBDBI_TRUE
pcre_config
-PCRECONFIG
OPENSSL
HAVE_ANDROID_FALSE
HAVE_ANDROID_TRUE
@@ -820,7 +817,6 @@ DLLTOOL
AS
LN_S
apr_config
-APRCONFIG
am__fastdepCC_FALSE
am__fastdepCC_TRUE
CCDEPMODE
@@ -935,11 +931,9 @@ CFLAGS
LDFLAGS
LIBS
CPPFLAGS
-APRCONFIG
CPP
YACC
-YFLAGS
-PCRECONFIG'
+YFLAGS'
# Initialize some variables set by options.
@@ -1482,7 +1476,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures nxlog-ce 2.7.1191 to adapt to many kinds of systems.
+\`configure' configures nxlog-ce 2.5.1089 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1553,7 +1547,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of nxlog-ce 2.7.1191:";;
+ short | recursive ) echo "Configuration of nxlog-ce 2.5.1089:";;
esac
cat <<\_ACEOF
@@ -1590,14 +1584,12 @@ Some influential environment variables:
LIBS libraries to pass to the linker, e.g. -l<library>
CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
you have headers in a nonstandard directory <include dir>
- APRCONFIG apr-1-config tool with path
CPP C preprocessor
YACC The `Yet Another C Compiler' implementation to use. Defaults to
the first program found out of: `bison -y', `byacc', `yacc'.
YFLAGS The list of arguments that will be passed by default to $YACC.
This script will default YFLAGS to the empty string to avoid a
default value of `-d' given by some make applications.
- PCRECONFIG pcre-config tool with path
Use these variables to override the choices made by `configure' or to help
it to find libraries and programs with nonstandard names/locations.
@@ -1665,7 +1657,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-nxlog-ce configure 2.7.1191
+nxlog-ce configure 2.5.1089
generated by GNU Autoconf 2.67
Copyright (C) 2010 Free Software Foundation, Inc.
@@ -2137,7 +2129,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by nxlog-ce $as_me 2.7.1191, which was
+It was created by nxlog-ce $as_me 2.5.1089, which was
generated by GNU Autoconf 2.67. Invocation command line was
$ $0 $@
@@ -3067,7 +3059,7 @@ fi
# Define the identity of the package.
PACKAGE='nxlog-ce'
- VERSION='2.7.1191'
+ VERSION='2.5.1089'
cat >>confdefs.h <<_ACEOF
@@ -4096,9 +4088,7 @@ fi
# APR
-
-if test -z "$APRCONFIG"; then
- # Extract the first word of "apr-1-config", so it can be a program name with args.
+# Extract the first word of "apr-1-config", so it can be a program name with args.
set dummy apr-1-config; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
@@ -4138,9 +4128,6 @@ $as_echo "no" >&6; }
fi
-else
- apr_config=$APRCONFIG
-fi
if test "x$apr_config" = "x"; then
as_fn_error $? "apr library not found" "$LINENO" 5
fi
@@ -5077,13 +5064,13 @@ if test "${lt_cv_nm_interface+set}" = set; then :
else
lt_cv_nm_interface="BSD nm"
echo "int some_variable = 0;" > conftest.$ac_ext
- (eval echo "\"\$as_me:5080: $ac_compile\"" >&5)
+ (eval echo "\"\$as_me:5067: $ac_compile\"" >&5)
(eval "$ac_compile" 2>conftest.err)
cat conftest.err >&5
- (eval echo "\"\$as_me:5083: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
+ (eval echo "\"\$as_me:5070: $NM \\\"conftest.$ac_objext\\\"\"" >&5)
(eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out)
cat conftest.err >&5
- (eval echo "\"\$as_me:5086: output\"" >&5)
+ (eval echo "\"\$as_me:5073: output\"" >&5)
cat conftest.out >&5
if $GREP 'External.*some_variable' conftest.out > /dev/null; then
lt_cv_nm_interface="MS dumpbin"
@@ -6275,7 +6262,7 @@ ia64-*-hpux*)
;;
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 6278 "configure"' > conftest.$ac_ext
+ echo '#line 6265 "configure"' > conftest.$ac_ext
if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5
(eval $ac_compile) 2>&5
ac_status=$?
@@ -7798,11 +7785,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:7801: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:7788: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:7805: \$? = $ac_status" >&5
+ echo "$as_me:7792: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -8137,11 +8124,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:8140: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:8127: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err)
ac_status=$?
cat conftest.err >&5
- echo "$as_me:8144: \$? = $ac_status" >&5
+ echo "$as_me:8131: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output.
@@ -8242,11 +8229,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:8245: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:8232: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:8249: \$? = $ac_status" >&5
+ echo "$as_me:8236: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -8297,11 +8284,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'`
- (eval echo "\"\$as_me:8300: $lt_compile\"" >&5)
+ (eval echo "\"\$as_me:8287: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err)
ac_status=$?
cat out/conftest.err >&5
- echo "$as_me:8304: \$? = $ac_status" >&5
+ echo "$as_me:8291: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext
then
# The compiler can only warn and ignore the option if not recognized
@@ -10681,7 +10668,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 10684 "configure"
+#line 10671 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -10777,7 +10764,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<_LT_EOF
-#line 10780 "configure"
+#line 10767 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -11288,9 +11275,7 @@ $as_echo "$as_me: WARNING: openssl binary not found" >&2;}
fi
# PCRE
-
-if test -z "$PCRECONFIG"; then
- # Extract the first word of "pcre-config", so it can be a program name with args.
+# Extract the first word of "pcre-config", so it can be a program name with args.
set dummy pcre-config; ac_word=$2
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
$as_echo_n "checking for $ac_word... " >&6; }
@@ -11330,10 +11315,6 @@ $as_echo "no" >&6; }
fi
-else
- pcre_config=$PCRECONFIG
-fi
-
if test "x$pcre_config" = "x"; then
as_fn_error $? "pcre library not found" "$LINENO" 5
fi
@@ -12528,40 +12509,6 @@ else
fi
-# xm_wtmp
-case $host in
- *linux*)
- BUILD_XM_WTMP=1
- ;;
- *)
- BUILD_XM_WTMP=0
- ;;
-esac;
-if test "x$BUILD_XM_WTMP" = "x1"; then
- for ac_header in utmp.h
-do :
- ac_fn_c_check_header_mongrel "$LINENO" "utmp.h" "ac_cv_header_utmp_h" "$ac_includes_default"
-if test "x$ac_cv_header_utmp_h" = x""yes; then :
- cat >>confdefs.h <<_ACEOF
-#define HAVE_UTMP_H 1
-_ACEOF
-
-else
- BUILD_XM_WTMP=0; { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: utmp.h not found, not building xm_wtmp" >&5
-$as_echo "$as_me: WARNING: utmp.h not found, not building xm_wtmp" >&2;}
-fi
-
-done
-
-fi
- if test x$BUILD_XM_WTMP = x1; then
- BUILD_XM_WTMP_TRUE=
- BUILD_XM_WTMP_FALSE='#'
-else
- BUILD_XM_WTMP_TRUE='#'
- BUILD_XM_WTMP_FALSE=
-fi
-
#################################
# C extensions.
@@ -13794,7 +13741,7 @@ MAINTAINERCLEANFILES=Makefile.in
-ac_config_files="$ac_config_files Makefile doc/Makefile doc/reference-manual/Makefile doc/reference-manual/config-examples/Makefile doc/reference-manual/en/Makefile doc/reference-manual/hu/Makefile test/Makefile test/common/Makefile test/coresrc/Makefile src/Makefile src/common/Makefile src/core/Makefile src/modules/Makefile src/modules/input/Makefile src/modules/input/file/Makefile src/modules/input/uds/Makefile src/modules/input/kernel/Makefile src/modules/input/udp/Makefile src/modules/input/tcp/Makefile src/modules/input/ssl/Makefile src/modules/input/testgen/Makefile src/modules/input/null/Makefile src/modules/input/mark/Makefile src/modules/input/internal/Makefile src/modules/input/dbi/Makefile src/modules/input/exec/Makefile src/modules/input/mseventlog/Makefile src/modules/input/msvistalog/Makefile src/modules/processor/Makefile src/modules/processor/null/Makefile src/modules/processor/filter/Makefile src/modules/processor/transformer/Makefile src/modules/processor/norepeat/Makefile src/modules/processor/buffer/Makefile src/modules/processor/blocker/Makefile src/modules/processor/pattern/Makefile src/modules/processor/evcorr/Makefile src/modules/output/Makefile src/modules/output/file/Makefile src/modules/output/udp/Makefile src/modules/output/tcp/Makefile src/modules/output/ssl/Makefile src/modules/output/null/Makefile src/modules/output/dbi/Makefile src/modules/output/blocker/Makefile src/modules/output/uds/Makefile src/modules/output/exec/Makefile src/modules/output/http/Makefile src/modules/extension/Makefile src/modules/extension/syslog/Makefile src/modules/extension/exec/Makefile src/modules/extension/csv/Makefile src/modules/extension/kvp/Makefile src/modules/extension/charconv/Makefile src/modules/extension/json/Makefile src/modules/extension/json/yajl/Makefile src/modules/extension/xml/Makefile src/modules/extension/gelf/Makefile src/modules/extension/fileop/Makefile src/modules/extension/multiline/Makefile src/modules/extension/perl/Makefile src/modules/extension/wtmp/Makefile src/utils/Makefile packaging/redhat/nxlog.spec packaging/redhat/nxlog.spec.RHEL5 packaging/windows/nxlog.wxs packaging/windows/pkgmsi.sh"
+ac_config_files="$ac_config_files Makefile doc/Makefile doc/reference-manual/Makefile doc/reference-manual/config-examples/Makefile doc/reference-manual/en/Makefile doc/reference-manual/hu/Makefile test/Makefile test/common/Makefile test/coresrc/Makefile src/Makefile src/common/Makefile src/core/Makefile src/modules/Makefile src/modules/input/Makefile src/modules/input/file/Makefile src/modules/input/uds/Makefile src/modules/input/kernel/Makefile src/modules/input/udp/Makefile src/modules/input/tcp/Makefile src/modules/input/ssl/Makefile src/modules/input/testgen/Makefile src/modules/input/null/Makefile src/modules/input/mark/Makefile src/modules/input/internal/Makefile src/modules/input/dbi/Makefile src/modules/input/exec/Makefile src/modules/input/mseventlog/Makefile src/modules/input/msvistalog/Makefile src/modules/processor/Makefile src/modules/processor/null/Makefile src/modules/processor/filter/Makefile src/modules/processor/transformer/Makefile src/modules/processor/norepeat/Makefile src/modules/processor/buffer/Makefile src/modules/processor/blocker/Makefile src/modules/processor/pattern/Makefile src/modules/processor/evcorr/Makefile src/modules/output/Makefile src/modules/output/file/Makefile src/modules/output/udp/Makefile src/modules/output/tcp/Makefile src/modules/output/ssl/Makefile src/modules/output/null/Makefile src/modules/output/dbi/Makefile src/modules/output/blocker/Makefile src/modules/output/uds/Makefile src/modules/output/exec/Makefile src/modules/output/http/Makefile src/modules/extension/Makefile src/modules/extension/syslog/Makefile src/modules/extension/exec/Makefile src/modules/extension/csv/Makefile src/modules/extension/kvp/Makefile src/modules/extension/charconv/Makefile src/modules/extension/json/Makefile src/modules/extension/json/yajl/Makefile src/modules/extension/xml/Makefile src/modules/extension/gelf/Makefile src/modules/extension/fileop/Makefile src/modules/extension/multiline/Makefile src/modules/extension/perl/Makefile src/utils/Makefile packaging/redhat/nxlog.spec packaging/redhat/nxlog.spec.RHEL5 packaging/windows/nxlog.wxs packaging/windows/pkgmsi.sh"
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
@@ -13946,10 +13893,6 @@ if test -z "${WIN32_TRUE}" && test -z "${WIN32_FALSE}"; then
as_fn_error $? "conditional \"WIN32\" was never defined.
Usually this means the macro was only invoked conditionally." "$LINENO" 5
fi
-if test -z "${BUILD_XM_WTMP_TRUE}" && test -z "${BUILD_XM_WTMP_FALSE}"; then
- as_fn_error $? "conditional \"BUILD_XM_WTMP\" was never defined.
-Usually this means the macro was only invoked conditionally." "$LINENO" 5
-fi
: ${CONFIG_STATUS=./config.status}
ac_write_fail=0
@@ -14358,7 +14301,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by nxlog-ce $as_me 2.7.1191, which was
+This file was extended by nxlog-ce $as_me 2.5.1089, which was
generated by GNU Autoconf 2.67. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -14424,7 +14367,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-nxlog-ce config.status 2.7.1191
+nxlog-ce config.status 2.5.1089
configured by $0, generated by GNU Autoconf 2.67,
with options \\"\$ac_cs_config\\"
@@ -14873,7 +14816,6 @@ do
"src/modules/extension/fileop/Makefile") CONFIG_FILES="$CONFIG_FILES src/modules/extension/fileop/Makefile" ;;
"src/modules/extension/multiline/Makefile") CONFIG_FILES="$CONFIG_FILES src/modules/extension/multiline/Makefile" ;;
"src/modules/extension/perl/Makefile") CONFIG_FILES="$CONFIG_FILES src/modules/extension/perl/Makefile" ;;
- "src/modules/extension/wtmp/Makefile") CONFIG_FILES="$CONFIG_FILES src/modules/extension/wtmp/Makefile" ;;
"src/utils/Makefile") CONFIG_FILES="$CONFIG_FILES src/utils/Makefile" ;;
"packaging/redhat/nxlog.spec") CONFIG_FILES="$CONFIG_FILES packaging/redhat/nxlog.spec" ;;
"packaging/redhat/nxlog.spec.RHEL5") CONFIG_FILES="$CONFIG_FILES packaging/redhat/nxlog.spec.RHEL5" ;;
View
29 configure.in
@@ -11,12 +11,7 @@ AC_LANG(C)
AC_PROG_CC
# APR
-AC_ARG_VAR([APRCONFIG], [apr-1-config tool with path])
-if test -z "$APRCONFIG"; then
- AC_PATH_PROG(apr_config, [apr-1-config])
-else
- apr_config=$APRCONFIG
-fi
+AC_PATH_PROG(apr_config, [apr-1-config])
if test "x$apr_config" = "x"; then
AC_MSG_ERROR([apr library not found])
fi
@@ -50,13 +45,7 @@ if test "x$OPENSSL" = "xNOTFOUND"; then
fi
# PCRE
-AC_ARG_VAR([PCRECONFIG], [pcre-config tool with path])
-if test -z "$PCRECONFIG"; then
- AC_PATH_PROG(pcre_config, [pcre-config])
-else
- pcre_config=$PCRECONFIG
-fi
-
+AC_PATH_PROG(pcre_config, [pcre-config])
if test "x$pcre_config" = "x"; then
AC_MSG_ERROR([pcre library not found])
fi
@@ -256,19 +245,6 @@ AC_ARG_WITH(pidfile,
[ NX_PIDFILE="${localstatedir}/run/nxlog/nxlog.pid"]
)
-# xm_wtmp
-case $host in
- *linux*)
- BUILD_XM_WTMP=1
- ;;
- *)
- BUILD_XM_WTMP=0
- ;;
-esac;
-if test "x$BUILD_XM_WTMP" = "x1"; then
- AC_CHECK_HEADERS(utmp.h, [], [BUILD_XM_WTMP=0; AC_MSG_WARN([utmp.h not found, not building xm_wtmp])])
-fi
-AM_CONDITIONAL([BUILD_XM_WTMP], [test x$BUILD_XM_WTMP = x1])
#################################
# C extensions.
@@ -426,7 +402,6 @@ AC_OUTPUT(Makefile
src/modules/extension/fileop/Makefile
src/modules/extension/multiline/Makefile
src/modules/extension/perl/Makefile
- src/modules/extension/wtmp/Makefile
src/utils/Makefile
packaging/redhat/nxlog.spec
packaging/redhat/nxlog.spec.RHEL5
View
2  doc/Makefile.in
@@ -90,7 +90,6 @@ am__relativize = \
reldir="$$dir2"
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
-APRCONFIG = @APRCONFIG@
APR_CFLAGS = @APR_CFLAGS@
APR_LIBS = @APR_LIBS@
AR = @AR@
@@ -164,7 +163,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
-PCRECONFIG = @PCRECONFIG@
PCRE_CFLAGS = @PCRE_CFLAGS@
PCRE_LIBS = @PCRE_LIBS@
PERL = @PERL@
View
2  doc/reference-manual/Makefile.in
@@ -114,7 +114,6 @@ am__relativize = \
reldir="$$dir2"
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
-APRCONFIG = @APRCONFIG@
APR_CFLAGS = @APR_CFLAGS@
APR_LIBS = @APR_LIBS@
AR = @AR@
@@ -188,7 +187,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
-PCRECONFIG = @PCRECONFIG@
PCRE_CFLAGS = @PCRE_CFLAGS@
PCRE_LIBS = @PCRE_LIBS@
PERL = @PERL@
View
3  doc/reference-manual/config-examples/Makefile.am
@@ -17,9 +17,6 @@ stamp-examples: $(wildcard *.conf) $(wildcard *.stmnt) example-xml.sh \
../../../test/modules/extension/multiline/xm_multiline4.conf \
../../../test/modules/extension/multiline/xm_multiline4.in \
../../../test/modules/extension/multiline/xm_multiline4.out \
- ../../../test/modules/extension/multiline/xm_multiline5.conf \
- ../../../test/modules/extension/multiline/xm_multiline5.in \
- ../../../test/modules/extension/multiline/xm_multiline5.out \
../../../test/modules/extension/perl/xm_perl.conf \
../../../test/modules/extension/perl/processlogs.pl \
../../../test/modules/extension/kvp/xm_kvp5.conf \
View
5 doc/reference-manual/config-examples/Makefile.in
@@ -50,7 +50,6 @@ DIST_SOURCES =
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
-APRCONFIG = @APRCONFIG@
APR_CFLAGS = @APR_CFLAGS@
APR_LIBS = @APR_LIBS@
AR = @AR@
@@ -124,7 +123,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
-PCRECONFIG = @PCRECONFIG@
PCRE_CFLAGS = @PCRE_CFLAGS@
PCRE_LIBS = @PCRE_LIBS@
PERL = @PERL@
@@ -408,9 +406,6 @@ stamp-examples: $(wildcard *.conf) $(wildcard *.stmnt) example-xml.sh \
../../../test/modules/extension/multiline/xm_multiline4.conf \
../../../test/modules/extension/multiline/xm_multiline4.in \
../../../test/modules/extension/multiline/xm_multiline4.out \
- ../../../test/modules/extension/multiline/xm_multiline5.conf \
- ../../../test/modules/extension/multiline/xm_multiline5.in \
- ../../../test/modules/extension/multiline/xm_multiline5.out \
../../../test/modules/extension/perl/xm_perl.conf \
../../../test/modules/extension/perl/processlogs.pl \
../../../test/modules/extension/kvp/xm_kvp5.conf \
View
4 doc/reference-manual/config-examples/config-example-cisco_acs.out.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<programlisting><![CDATA[
-{"SourceModuleName":"in","SourceModuleType":"im_file","SyslogFacilityValue":4,"SyslogFacility":"AUTH","SyslogSeverityValue":6,"SyslogSeverity":"INFO","SeverityValue":2,"Severity":"INFO","Hostname":"10.0.1.1","EventTime":"2014-10-16 21:01:29","Message":"Message-Type=Authen failed,User-Name=John,NAS-IP-Address=10.0.1.2,AAA Server=acs01","ACSCategoryNumber":"02","ACSCategoryName":"FailedAuth","ACSMessageId":"1k1fg93nk","ACSTotalSegments":"1","ACSSegmentNumber":"0","Message-Type":"Authen failed","User-Name":"John","NAS-IP-Address":"10.0.1.2","AAA Server":"acs01"}
-{"SourceModuleName":"in","SourceModuleType":"im_file","SyslogFacilityValue":4,"SyslogFacility":"AUTH","SyslogSeverityValue":6,"SyslogSeverity":"INFO","SeverityValue":2,"Severity":"INFO","Hostname":"10.0.1.1","EventTime":"2014-10-16 21:01:31","Message":"Message-Type=Authen failed,User-Name=Foo,NAS-IP-Address=10.0.1.2,AAA Server=acs01","ACSCategoryNumber":"02","ACSCategoryName":"FailedAuth","ACSMessageId":"2k1fg63nk","ACSTotalSegments":"1","ACSSegmentNumber":"0","Message-Type":"Authen failed","User-Name":"Foo","NAS-IP-Address":"10.0.1.2","AAA Server":"acs01"}
+{"SourceModuleName":"in","SourceModuleType":"im_file","SyslogFacilityValue":4,"SyslogFacility":"AUTH","SyslogSeverityValue":6,"SyslogSeverity":"INFO","SeverityValue":2,"Severity":"INFO","Hostname":"10.0.1.1","EventTime":"2013-10-16 21:01:29","Message":"Message-Type=Authen failed,User-Name=John,NAS-IP-Address=10.0.1.2,AAA Server=acs01","ACSCategoryNumber":"02","ACSCategoryName":"FailedAuth","ACSMessageId":"1k1fg93nk","ACSTotalSegments":"1","ACSSegmentNumber":"0","Message-Type":"Authen failed","User-Name":"John","NAS-IP-Address":"10.0.1.2","AAA Server":"acs01"}
+{"SourceModuleName":"in","SourceModuleType":"im_file","SyslogFacilityValue":4,"SyslogFacility":"AUTH","SyslogSeverityValue":6,"SyslogSeverity":"INFO","SeverityValue":2,"Severity":"INFO","Hostname":"10.0.1.1","EventTime":"2013-10-16 21:01:31","Message":"Message-Type=Authen failed,User-Name=Foo,NAS-IP-Address=10.0.1.2,AAA Server=acs01","ACSCategoryNumber":"02","ACSCategoryName":"FailedAuth","ACSMessageId":"2k1fg63nk","ACSTotalSegments":"1","ACSSegmentNumber":"0","Message-Type":"Authen failed","User-Name":"Foo","NAS-IP-Address":"10.0.1.2","AAA Server":"acs01"}
]]></programlisting>
View
1  ...al/config-examples/config-example-xm_gelf_csv.xml → ...ce-manual/config-examples/config-example-gelf.xml
@@ -14,7 +14,6 @@
<Input in>
Module im_file
File "/var/log/app/csv.log"
- Exec csv->parse_csv();
</Input>
<Output out>
View
3  doc/reference-manual/config-examples/config-example-w3c.xml
@@ -5,9 +5,6 @@
Fields $date, $time, $HTTPMethod, $HTTPURL
FieldTypes string, string, string, string
Delimiter ' '
- QuoteChar '"'
- EscapeControl FALSE
- UndefValue -
</Extension>
<Extension json>
View
26 doc/reference-manual/config-examples/config-example-wtmp2json.xml
@@ -1,26 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-<Extension wtmp>
- Module xm_wtmp
-</Extension>
-
-<Extension json>
- Module xm_json
-</Extension>
-
-<Input in>
- Module im_file
- File '/var/log/wtmp'
- InputType wtmp
- Exec to_json();
-</Input>
-
-<Output out>
- Module om_file
- File '/var/log/wtmp.txt'
-</Output>
-
-<Route processwtmp>
- Path in => out
-</Route>
-]]></programlisting>
View
44 doc/reference-manual/config-examples/config-example-xm_gelf_file.xml
@@ -1,44 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-<Extension gelf>
- Module xm_gelf
-</Extension>
-
-<Input in>
- Module im_file
- File "/var/log/app*.log"
-
- # Set the $EventTime field usually found in the logs by extracting it with a regexp.
- # If this is not set, the current system time will be used which might be a little off.
- Exec if $raw_event =~ /(\d\d\d\d\-\d\d-\d\d \d\d:\d\d:\d\d)/ $EventTime = parsedate($1);
-
- # Explicitly set the Hostname. This defaults to the system's hostname if unset.
- Exec $Hostname = 'myhost';
-
- # Now set the severity level to something custom. This defaults to 'INFO' if unset.
- # We can use the following numeric values here which are the standard syslog values:
- # ALERT: 1, CRITICAL: 2, ERROR: 3, WARNING: 4, NOTICE: 5, INFO: 6, DEBUG: 7
- Exec if $raw_event =~ /ERROR/ $SyslogSeverityValue = 3; \
- else $SyslogSeverityValue = 6;
-
- # Set a field to contain the name of the source file
- Exec $FileName = file_name();
-
- # To set a custom message, use the $Message field. The $raw_event field is used if $Message is unset.
- Exec if $raw_event =~ /something important/ $Message = 'IMPORTANT!! ' + $raw_event;
-
- # Set the SourceName (facility field in GELF), will default to 'NXLOG' if unset.
- Exec $SourceName = 'myapp';
-</Input>
-
-<Output out>
- Module om_udp
- Host 192.168.1.1
- Port 12201
- OutputType GELF
-</Output>
-
-<Route r>
- Path in => out
-</Route>
-]]></programlisting>
View
2  doc/reference-manual/config-examples/config-example-xm_multiline1.in.xml
@@ -12,4 +12,6 @@ ccccccccccccccccccccccccccccccccccccc
dddd
---------------
+
+
]]></programlisting>
View
1  doc/reference-manual/config-examples/config-example-xm_multiline1.out.xml
@@ -10,6 +10,5 @@ aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
ccccccccccccccccccccccccccccccccccccc
dddd
-#---------------
]]></programlisting>
View
2  doc/reference-manual/config-examples/config-example-xm_multiline4.out.xml
@@ -18,7 +18,5 @@ Accepted Extended Negotiation: none
02 00 00 00 00 d8 00 01 00 00 50 41 43 53 20 20
20 20 20 20 20 20 20 20 20 20 52 5a 44 43 58 20
20 20 20 20 20 20 20 20 20 20 00 00 00 00 00 00
---------------------------------------
-2011-12-1512:22:51.031000 4296 DEBUG DIMSE sendDcmDataset: sending 146 bytes
]]></programlisting>
View
42 doc/reference-manual/config-examples/config-example-xm_multiline5.conf.xml
@@ -1,42 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-<Extension multiline>
- Module xm_multiline
- HeaderLine /^<event>/
- EndLine /^</event>/
-</Extension>
-
-<Extension xmlparser>
- Module xm_xml
-</Extension>
-
-<Extension json>
- Module xm_json
-</Extension>
-
-<Input in>
- Module im_file
- File "modules/extension/multiline/xm_multiline5.in"
- SavePos FALSE
- ReadFromLast FALSE
- InputType multiline
- # Discard everything that doesn't seem to be an xml event
- Exec if $raw_event !~ /^<event>/ drop();
- # Parse the xml event
- Exec parse_xml();
- # Rewrite some fields
- Exec $EventTime = parsedate($timestamp); delete($timestamp); delete($EventReceivedTime);
- # Convert to JSON
- Exec to_json();
-</Input>
-
-<Output out>
- Module om_file
- File 'tmp/output'
-</Output>
-
-<Route 1>
- Path in => out
-</Route>
-
-]]></programlisting>
View
20 doc/reference-manual/config-examples/config-example-xm_multiline5.in.xml
@@ -1,20 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-<?xml version="1.0" encoding="UTF-8">
-<event>
- <timestamp>2012-11-23 23:00:00</timestamp>
- <severity>ERROR</severity>
- <message>
- Something bad happened.
- Please check the system.
- </message>
-</event>
-<event>
- <timestamp>2012-11-23 23:00:12</timestamp>
- <severity>INFO</severity>
- <message>
- System state is now back to normal.
- </message>
-</event>
-
-]]></programlisting>
View
6 doc/reference-manual/config-examples/config-example-xm_multiline5.out.xml
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-{"SourceModuleName":"in","SourceModuleType":"im_file","severity":"ERROR","message":"\n Something bad happened.\n Please check the system.\n ","EventTime":"2012-11-23 23:00:00"}
-{"SourceModuleName":"in","SourceModuleType":"im_file","severity":"INFO","message":"\n System state is now back to normal.\n ","EventTime":"2012-11-23 23:00:12"}
-
-]]></programlisting>
View
53 doc/reference-manual/config-examples/config-example-xm_syslog_file_bsd_udp.xml
@@ -1,53 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-<Extension syslog>
- Module xm_syslog
-</Extension>
-
-<Input in>
- Module im_file
-
- # We monitor all files matching the wildcard.
- # Every line is read into the $raw_event field.
- File "/var/log/app*.log"
-
- # Set the $EventTime field usually found in the logs by extracting it with a regexp.
- # If this is not set, the current system time will be used which might be a little off.
- Exec if $raw_event =~ /(\d\d\d\d\-\d\d-\d\d \d\d:\d\d:\d\d)/ $EventTime = parsedate($1);
-
- # Now set the severity to something custom. This defaults to 'INFO' if unset.
- Exec if $raw_event =~ /ERROR/ $Severity = 'ERROR'; \
- else $Severity = 'INFO';
-
- # The facility can be also set, otherwise the default value is 'USER'.
- Exec $SyslogFacility = 'AUDIT';
-
- # The SourceName field is called the TAG in RFC3164 terminology and is usually the process name.
- Exec $SourceName = 'my_application';
-
- # It is also possible to rewrite the Hostname if you don't want to use the system's hostname.
- Exec $Hostname = 'myhost';
-
- # The Message field is used if present, otherwise the current $raw_event is prepended with the
- # syslog headers.
- # You can do some modifications on the Message if required. Here we add the full path of the
- # source file to the end of message line.
- Exec $Message = $raw_event + ' [' + file_name() + ']';
-
- # Now create our RFC3164 compliant syslog line using the fields set above and/or use sensible
- # defaults where possible. The result will be in $raw_event.
- Exec to_syslog_bsd();
-</Input>
-
-<Output out>
- # This module just sends the contents of the $raw_event field to the destination defined here,
- # one UDP packet per message.
- Module om_udp
- Host 192.168.1.42
- Port 1514
-</Output>
-
-<Route 66>
- Path in => out
-</Route>
-]]></programlisting>
View
5 doc/reference-manual/config-examples/example-xml.sh
@@ -33,9 +33,6 @@ for i in ../../../test/modules/processor/pattern/patterndb.xml \
../../../test/modules/extension/multiline/xm_multiline4.conf \
../../../test/modules/extension/multiline/xm_multiline4.in \
../../../test/modules/extension/multiline/xm_multiline4.out \
- ../../../test/modules/extension/multiline/xm_multiline5.conf \
- ../../../test/modules/extension/multiline/xm_multiline5.in \
- ../../../test/modules/extension/multiline/xm_multiline5.out \
../../../test/modules/extension/perl/xm_perl.conf \
../../../test/modules/extension/perl/processlogs.pl \
../../../test/modules/extension/kvp/xm_kvp5.conf \
@@ -54,7 +51,7 @@ for i in ../../../test/modules/processor/pattern/patterndb.xml \
FILENAME=config-example-`basename $i`.xml
echo '<?xml version="1.0" encoding="UTF-8"?>' > $FILENAME
echo '<programlisting><![CDATA[' >> $FILENAME
- cat $i | grep -v 'include tmp/common.conf' >> $FILENAME
+ cat $i |grep -v 'include tmp/common.conf' >> $FILENAME
echo '' >> $FILENAME
echo ']]></programlisting>' >> $FILENAME
done
View
1  ...reference-manual/config-examples/xm_gelf_csv.conf → doc/reference-manual/config-examples/gelf.conf
@@ -13,7 +13,6 @@ include common.conf
<Input in>
Module im_file
File "/var/log/app/csv.log"
- Exec csv->parse_csv();
</Input>
<Output out>
View
7 doc/reference-manual/config-examples/parsedate.stmnt
@@ -1,7 +0,0 @@
-$raw_event = "2020-02-03 04:05:06 ......";
-if $raw_event =~ /^(\S+)\s+(\S+)/
-{
- $EventTime = parsedate($1 + " " + $2);
-}
-# making sure $EventTime doesn't stay empty
-if not defined($EventTime) $EventTime = now();
View
11 doc/reference-manual/config-examples/stmnt-example-parsedate.xml
@@ -1,11 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<programlisting><![CDATA[
-$raw_event = "2020-02-03 04:05:06 ......";
-if $raw_event =~ /^(\S+)\s+(\S+)/
-{
- $EventTime = parsedate($1 + " " + $2);
-}
-# making sure $EventTime doesn't stay empty
-if not defined($EventTime) $EventTime = now();
-
-]]></programlisting>
View
3  doc/reference-manual/config-examples/w3c.conf
@@ -4,9 +4,6 @@ include common.conf
Fields $date, $time, $HTTPMethod, $HTTPURL
FieldTypes string, string, string, string
Delimiter ' '
- QuoteChar '"'
- EscapeControl FALSE
- UndefValue -
</Extension>
<Extension json>
View
24 doc/reference-manual/config-examples/wtmp2json.conf
@@ -1,24 +0,0 @@
-include common.conf
-<Extension wtmp>
- Module xm_wtmp
-</Extension>
-
-<Extension json>
- Module xm_json
-</Extension>
-
-<Input in>
- Module im_file
- File '/var/log/wtmp'
- InputType wtmp
- Exec to_json();
-</Input>
-
-<Output out>
- Module om_file
- File '/var/log/wtmp.txt'
-</Output>
-
-<Route processwtmp>
- Path in => out
-</Route>
View
42 doc/reference-manual/config-examples/xm_gelf_file.conf
@@ -1,42 +0,0 @@
-include common.conf
-<Extension gelf>
- Module xm_gelf
-</Extension>
-
-<Input in>
- Module im_file
- File "/var/log/app*.log"
-
- # Set the $EventTime field usually found in the logs by extracting it with a regexp.
- # If this is not set, the current system time will be used which might be a little off.
- Exec if $raw_event =~ /(\d\d\d\d\-\d\d-\d\d \d\d:\d\d:\d\d)/ $EventTime = parsedate($1);
-
- # Explicitly set the Hostname. This defaults to the system's hostname if unset.
- Exec $Hostname = 'myhost';
-
- # Now set the severity level to something custom. This defaults to 'INFO' if unset.
- # We can use the following numeric values here which are the standard syslog values:
- # ALERT: 1, CRITICAL: 2, ERROR: 3, WARNING: 4, NOTICE: 5, INFO: 6, DEBUG: 7
- Exec if $raw_event =~ /ERROR/ $SyslogSeverityValue = 3; \
- else $SyslogSeverityValue = 6;
-
- # Set a field to contain the name of the source file
- Exec $FileName = file_name();
-
- # To set a custom message, use the $Message field. The $raw_event field is used if $Message is unset.
- Exec if $raw_event =~ /something important/ $Message = 'IMPORTANT!! ' + $raw_event;
-
- # Set the SourceName (facility field in GELF), will default to 'NXLOG' if unset.
- Exec $SourceName = 'myapp';
-</Input>
-
-<Output out>
- Module om_udp
- Host 192.168.1.1
- Port 12201
- OutputType GELF
-</Output>
-
-<Route r>
- Path in => out
-</Route>
View
51 doc/reference-manual/config-examples/xm_syslog_file_bsd_udp.conf
@@ -1,51 +0,0 @@
-include common.conf
-<Extension syslog>
- Module xm_syslog
-</Extension>
-
-<Input in>
- Module im_file
-
- # We monitor all files matching the wildcard.
- # Every line is read into the $raw_event field.
- File "/var/log/app*.log"
-
- # Set the $EventTime field usually found in the logs by extracting it with a regexp.
- # If this is not set, the current system time will be used which might be a little off.
- Exec if $raw_event =~ /(\d\d\d\d\-\d\d-\d\d \d\d:\d\d:\d\d)/ $EventTime = parsedate($1);
-
- # Now set the severity to something custom. This defaults to 'INFO' if unset.
- Exec if $raw_event =~ /ERROR/ $Severity = 'ERROR'; \
- else $Severity = 'INFO';
-
- # The facility can be also set, otherwise the default value is 'USER'.
- Exec $SyslogFacility = 'AUDIT';
-
- # The SourceName field is called the TAG in RFC3164 terminology and is usually the process name.
- Exec $SourceName = 'my_application';
-
- # It is also possible to rewrite the Hostname if you don't want to use the system's hostname.
- Exec $Hostname = 'myhost';
-
- # The Message field is used if present, otherwise the current $raw_event is prepended with the
- # syslog headers.
- # You can do some modifications on the Message if required. Here we add the full path of the
- # source file to the end of message line.
- Exec $Message = $raw_event + ' [' + file_name() + ']';
-
- # Now create our RFC3164 compliant syslog line using the fields set above and/or use sensible
- # defaults where possible. The result will be in $raw_event.
- Exec to_syslog_bsd();
-</Input>
-
-<Output out>
- # This module just sends the contents of the $raw_event field to the destination defined here,
- # one UDP packet per message.
- Module om_udp
- Host 192.168.1.42
- Port 1514
-</Output>
-
-<Route 66>
- Path in => out
-</Route>
View
2  doc/reference-manual/en/Makefile.in
@@ -74,7 +74,6 @@ DATA = $(docbook_DATA) $(figures_DATA)
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
-APRCONFIG = @APRCONFIG@
APR_CFLAGS = @APR_CFLAGS@
APR_LIBS = @APR_LIBS@
AR = @AR@
@@ -148,7 +147,6 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
-PCRECONFIG = @PCRECONFIG@
PCRE_CFLAGS = @PCRE_CFLAGS@
PCRE_LIBS = @PCRE_LIBS@
PERL = @PERL@
View
6 doc/reference-manual/en/apidoc-core.xml
@@ -683,7 +683,7 @@
<varlistentry>
<term>description</term>
<listitem>
- <simpara>Parse a datetime argument. Returns an undefined datetime type if it cannot parse the argument so that the user can fix the error, e.g. $EventTime = parsedate($somestring); if not defined($EventTime) $EventTime = now();</simpara>
+ <simpara>Parse a datetime argument.</simpara>
</listitem>
</varlistentry>
<varlistentry>
@@ -844,7 +844,7 @@
<varlistentry>
<term>description</term>
<listitem>
- <simpara>Return the FQDN hostname. This function will return the short form if the FQDN hostname cannot be determined.</simpara>
+ <simpara>Return the FQDN hostname. This function will return the sort form if the FQDN hostname cannot be determined.</simpara>
</listitem>
</varlistentry>
<varlistentry>
@@ -2192,7 +2192,7 @@ If the lifetime expires, the variable is deleted automatically and get_var(name)
<varlistentry>
<term>description</term>
<listitem>
- <simpara>Drop the currently processed event's log and don't execute further statements.</simpara>
+ <simpara>Drop the currently processed event's log.</simpara>
</listitem>
</varlistentry>
</variablelist>
View
51 doc/reference-manual/en/apidoc-xm_fileop.xml
@@ -981,57 +981,6 @@
<varlistentry>
<term>
- <function>file_chown(string file, string user, string group);</function>
- </term>
- <listitem>
- <variablelist>
- <varlistentry>
- <term>description</term>
- <listitem>
- <simpara>
- Change file ownership. This function is only implemented on POSIX systems where chown() is
- available in the underlying OS.
- An error is logged if the operation fails.
- </simpara>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>arguments</term>
- <listitem>
- <variablelist>
- <varlistentry>
- <term>file</term>
- <listitem>
- <simpara>
- type: <link linkend="lang_type_string">string</link>
- </simpara>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>user</term>
- <listitem>
- <simpara>
- type: <link linkend="lang_type_string">string</link>
- </simpara>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>group</term>
- <listitem>
- <simpara>
- type: <link linkend="lang_type_string">string</link>
- </simpara>
- </listitem>
- </varlistentry>
- </variablelist>
- </listitem>
- </varlistentry>
- </variablelist>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>
<anchor id="xm_fileop_proc_file_chmod"/>
<function>file_chmod(string file, integer mode);</function>
</term>
View
6 doc/reference-manual/en/apidoc-xm_syslog.xml
@@ -322,7 +322,7 @@
<varlistentry>
<term>description</term>
<listitem>
- <simpara>Create a BSD Syslog formatted log message in $raw_event from the fields of the event. The fields that are used to construct the $raw_event field are $EventTime, $Hostname, $SourceName, $ProcessID, $Message or $raw_event, $SyslogSeverity or $SyslogSeverityValue or $Severity or $SeverityValue, $SyslogFacility or $SyslogFacilityValue. If the fields are not present, a sensible default is used.</simpara>
+ <simpara>Create a BSD Syslog formatted log message in 'raw_event' from the fields of the event</simpara>
</listitem>
</varlistentry>
</variablelist>
@@ -339,7 +339,7 @@
<varlistentry>
<term>description</term>
<listitem>
- <simpara>Create an IETF Syslog (RFC5424) formatted log message in $raw_event from the fields of the event. The fields that are used to construct the $raw_event field are $EventTime, $Hostname, $SourceName, $ProcessID, $Message or $raw_event, $SyslogSeverity or $SyslogSeverityValue or $Severity or $SeverityValue, $SyslogFacility or $SyslogFacilityValue. If the fields are not present, a sensible default is used.</simpara>
+ <simpara>Create an IETF Syslog (RFC5424) formatted log message in 'raw_event' from the fields of the event</simpara>
</listitem>
</varlistentry>
</variablelist>
@@ -356,7 +356,7 @@
<varlistentry>
<term>description</term>
<listitem>
- <simpara>Create a SNARE Syslog formatted log message in $raw_event. Uses the following fields to construct $raw_event: $EventTime, $Hostname, $SeverityValue, $FileName, $EventID, $SourceName, $AccountName, $AccountType, $EventType, $Category, $Message.</simpara>
+ <simpara>Create a SNARE Syslog formatted log message in 'raw_event'. Uses the following fields: EventTime, Hostname, SeverityValue, FileName, EventID, SourceName, AccountName, AccountType, EventType, Category, Message</simpara>
</listitem>
</varlistentry>
</variablelist>
View
2  doc/reference-manual/en/architecture.xml
@@ -21,7 +21,7 @@
from scratch instead of hacking something else.
Thus nxlog was born in 2009 and has been a closed source product heavily used in several
production deployments since.
- The source code of NXLOG Community Edition was released in November 2011.
+ The source code of NXLOG Community Edition was released under the GPL/LGPL in November 2011.
</para>
</section>
View
14 doc/reference-manual/en/forwarding.xml
@@ -114,6 +114,16 @@
</varlistentry>
<varlistentry>
+ <term><anchor id="forwarding_format_bson"/>BSON</term>
+ <listitem>
+ <para>
+ The BSON output format is currently unsupported. Support is planned and should
+ be available in an upcoming nxlog release.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><anchor id="forwarding_format_xml"/>XML</term>
<listitem>
<para>
@@ -205,7 +215,9 @@
<section id="forwarding_database">
<title>Storing logs in a database</title>
<para>
- The <link linkend="om_dbi">om_dbi</link> and om_odbc modules can be used to store logs in databases.
+ The <link linkend="om_dbi">om_dbi</link> module can be used to store logs in databases
+ which are supported by the libdbi database abstraction library.
+ This is only supported on POSIX platforms and is not available on Windows.
</para>
</section>
View
1  doc/reference-manual/en/modules.xml
@@ -37,7 +37,6 @@
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/extension/syslog.xml" />
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/extension/exec.xml" />
<xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/extension/perl.xml" />
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="modules/extension/wtmp.xml" />
</section>
<section id="modules_input">
View
12 doc/reference-manual/en/modules/extension/csv.xml
@@ -178,18 +178,6 @@
</para>
</listitem>
</varlistentry>
-
- <varlistentry>
- <term><anchor id="xm_csv_config_undefvalue"/>UndefValue</term>
- <listitem>
- <para>
- This optional directive specifies a string which will be treated as an undefined value.
- This is particularly useful when <link linkend="processing_parsers_w3c">parsing the W3C format</link> where
- the dash "-" marks an omitted field.
- </para>
- </listitem>
- </varlistentry>
-
</variablelist>
</para>
View
23 doc/reference-manual/en/modules/extension/gelf.xml
@@ -73,16 +73,8 @@
</Extension>
<Input in>
- # Use 'im_mseventlog' for Windows XP, 2000 and 2003
+ # Use 'im_mseventlog' for Windows XP and 2003
Module im_msvistalog
-# Uncomment the following to collect specific event logs only
-# Query <QueryList>\
-# <Query Id="0">\
-# <Select Path="Application">*</Select>\
-# <Select Path="System">*</Select>\
-# <Select Path="Security">*</Select>\
-# </Query>\
-# </QueryList>
</Input>
<Output out>
@@ -98,22 +90,13 @@
]]>
</programlisting>
</example>
- <example id="xm_gelf_example_file">
- <title>Forwarding custom log files to Graylog2 in GELF</title>
- <para>
- You may want to collect custom application logs and send it out in the GELF format. See the following example about
- setting the common and custom fields to make the data more useful for the other end.
- </para>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-xm_gelf_file.xml" />
- </example>
-
- <example id="xm_gelf_example_csv">
+ <example id="xm_gelf_example2">
<title>Parsing a CSV file and sending it to Graylog2 in GELF</title>
<para>
Using the following config file nxlog will read a CSV file containing 3 fields and
forwards it in GELF so that the fields will be available on the server.
</para>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-xm_gelf_csv.xml" />
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-gelf.xml" />
</example>
</para>
View
25 doc/reference-manual/en/modules/extension/multiline.xml
@@ -99,10 +99,11 @@
<note>
<para>
Until there is a new header read, the previous message is stored in the buffers
- because the module does not know where the message ends. The
- <link linkend="im_file">im_file</link> module will forcibly flush this buffer
- after the configured <link linkend="im_file_config_pollinterval">PollInterval</link>
- timeout.
+ because the module does not know where the message ends.
+ If there is no new message, the last may sit in the buffers indefinitly.
+ It may be possible to flush the buffers using a timer or on EOF, unfortunately
+ these solutions are not perfect either (though these may be implemented in a later
+ version).
If this behaviour is unacceptable, consider using some kind of an encapsulation
method (JSON, XML, RFC5425, etc) or use and end marker with
<link linkend="xm_multiline_config_headerline">EndLine</link> if possible.
@@ -168,22 +169,6 @@
<section id="xm_multiline_config_examples">
<title>Configuration examples</title>
- <example id="xm_multiline_example_5">
- <title>Parsing multi-line XML logs and converting to JSON</title>
- <para>
- XML is commonly formatted as indented multi-line to make it more readable.
- In the following configuration file we use the
- <link linkend="xm_multiline_config_headerline">HeaderLine</link> together with the
- <link linkend="xm_multiline_config_headerline">HeaderLine</link> directive to parse the events which are
- converted to JSON after some slight normalization.
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-xm_multiline5.conf.xml" />
- An input sample:
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-xm_multiline5.in.xml" />
- The following output is produced:
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-xm_multiline5.out.xml" />
- </para>
- </example>
-
<example id="xm_multiline_example_4">
<title>Parsing DICOM logs</title>
<para>
View
10 doc/reference-manual/en/modules/extension/syslog.xml
@@ -146,16 +146,6 @@
<section id="xm_syslog_config_examples">
<title>Configuration examples</title>
- <example id="xm_syslog_example_syslog_bsd_file">
- <title>Sending a file as BSD syslog over UDP</title>
- <para>
- To send logs out in BSD syslog format over udp which are collected from files, use the
- <link linkend="xm_syslog_proc_to_syslog_bsd">to_syslog_bsd()</link> procedure coupled
- with the <link linkend="im_udp">om_udp</link> module as in the following example.
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-xm_syslog_file_bsd_udp.xml" />
- </para>
- </example>
-
<example id="xm_syslog_example_bsd_udp">
<title>Collecting BSD style syslog messages over UDP</title>
<para>
View
40 doc/reference-manual/en/modules/extension/wtmp.xml
@@ -1,40 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<section id="xm_wtmp">
- <title>WTMP (xm_wtmp)</title>
- <para>
- This module provides a parser function to process binary wtmp files. The module registers an parser function
- using the name of the extension module instance which can be used as the parameter of the
- <link linkend="config_inputtype">InputType</link> directive in input modules such as <link linkend="im_file">im_file</link>.
- </para>
-
- <section id="xm_wtmp_config">
- <title>Configuration</title>
- <para>
- The module does not have any module specific configuration directives.
- </para>
- </section>
-
- <section id="xm_wtmp_config_examples">
- <title>Configuration examples</title>
- <para>
- <example id="xm_wtmp_example1">
- <title>WTMP to JSON format conversion</title>
- <para>
- The following configuration accepts WTMP and converts it to JSON.
- </para>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-wtmp2json.xml" />
- <para>
- The following is a sample output produced by the configuration above.
- <programlisting><![CDATA[{"EventTime":"2013-10-01 09:39:59","AccountName":"root","Device":"pts/1",
- "LoginType":"login","EventReceivedTime":"2013-10-10 15:40:20",
- "SourceModuleName":"input","SourceModuleType":"im_file"}
-{"EventTime":"2013-10-01 23:23:38","AccountName":"shutdown","Device":"no device",
- "LoginType":"shutdown","EventReceivedTime":"2013-10-11 10:58:00",
- "SourceModuleName":"input","SourceModuleType":"im_file"}]]>
- </programlisting>
- </para>
- </example>
- </para>
- </section>
-
-</section>
View
83 doc/reference-manual/en/modules/input/file.xml
@@ -19,16 +19,6 @@
By using wildcards, the module can read multiple files simultaneously and will open
new files as they appear. It will also enter newly created directories if recursion
is enabled.
- <note>
- <para>
- The module needs to scan the directory content in case of a wildcarded file monitoring.
- This can present a significant load if there are many files (hundreds or thousands) in
- the monitored directory. For this reason it is highly recommended to rotate files out
- of the monitored directory either using the
- <link linkend="processing_log_rotation">built-in log rotation</link> capabilities of nxlog
- or using external tools.
- </para>
- </note>
</para>
<section id="im_file_config">
@@ -183,79 +173,6 @@
</simpara>
</listitem>
</varlistentry>
- <varlistentry>
- <term><anchor id="im_file_config_dircheckinterval"/>DirCheckInterval</term>
- <listitem>
- <simpara>
- This directive specifies in seconds how frequently the module will check the monitored
- directory for modifications to files and new files in case of a wildcarded
- <link linkend="im_file_config_file">File</link> path.
- If this directive is not specified it defaults to double of the value of the
- <link linkend="im_file_config_pollinterval">PollInterval</link> directive, i.e.
- it is 2 seconds if <link linkend="im_file_config_pollinterval">PollInterval</link>
- isn't defined either.
- Fractional seconds may be specified.
- It is recommended to increase the default in case there are many files which cannot
- be rotated out and the nxlog process has a high CPU load.
- </simpara>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><anchor id="im_file_config_activefiles"/>ActiveFiles</term>
- <listitem>
- <simpara>
- This directive specifies how many files nxlog will actively monitor at most.
- If there are modifications to more files in parallel than the value of this directive,
- then modifications to files above this limit will only get noticed after the
- <link linkend="im_file_config_dircheckinterval">DirCheckInterval</link>, i.e. all data should
- be collected eventually.
- Typically there is only one or at most a couple log sources which actively append data to
- log files, the rest of the files are usually dormant after being rotated, so the default
- value of 10 should be sufficient in most cases.
- This directive is also only relevant in case of a wildcarded
- <link linkend="im_file_config_file">File</link> path.
- </simpara>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term><anchor id="im_file_config_renamecheck"/>RenameCheck</term>
- <listitem>
- <para>
- This directive takes a boolean value of TRUE or FALSE and specifies whether
- input files should be monitored for possible file rotation via renaming in order
- to avoid rereading the file contents.
- A file is considered to be rotated when nxlog detects a new file whose inode and
- size matches that of another watched file which has just been deleted.
- Note that this does not always work correctly and can yield false positives when
- a log file is deleted and another is added with the same size. The file system is
- likely to reuse to inode number of the deleted file and thus the module will falsely
- detect this as a rename/rotation.
- For this reason the default value of the RenameCheck directive is FALSE.
- When this directive is FALSE, renamed files are considered as new and the file
- contents will be reread.
- </para>
- <note>
- <para>
- It is recommended to use a naming scheme for rotated files such that their name
- does not match the wildcard and are not monitored anymore after rotation
- instead of trying to solve the renaming issue by enabling this directive.
- </para>
- </note>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><anchor id="im_file_config_closewhenidle"/>CloseWhenIdle</term>
- <listitem>
- <para>
- This directive takes a boolean value of TRUE or FALSE and specifies whether
- open input files should be closed as soon as possible after there is no more data to read.
- Some applications request an exclusive lock on the log file written or rotated, this directive
- can possibly help if the application can/does retry to acquire the lock.
- This directive defaults to FALSE unless specified explicitly.
- </para>
- </listitem>
- </varlistentry>
<varlistentry>
<term><anchor id="im_file_config_inputtype"/>InputType</term>
View
2  doc/reference-manual/en/modules/input/msvistalog.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<section id="im_msvistalog">
- <title>MS EventLog for Windows 2008/Vista and later (im_msvistalog)</title>
+ <title>MS EventLog for Windows 2008/Vista and later (im_msvistatlog)</title>
<para>
This module can be used to collect EventLog messages on Microsoft Windows platforms which support
the newer EventLog API (also known as the Crimson Eventlog subsystem), namely Windows 2008/Vista
View
2  doc/reference-manual/en/modules/output/blocker.xml
@@ -16,7 +16,7 @@
<para>
<example>
<title>Testing buffering with the om_blocker module</title>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-om_blocker.xml" />
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="../../../config-examples/config-example-pm_blocker.xml" />
</example>
</para>
</section>
View
10 doc/reference-manual/en/modules/output/file.xml
@@ -16,13 +16,9 @@
<simpara>
This mandatory directive specifies the name of the output file to open.
It must be a <link linkend="lang_type_string">string</link> type
- <link linkend="lang_expressions">expression</link>.
- If the expression in the File directive is not a constant string (i.e. it contains
- functions, field names or operators), it will be evaluated before each event is
- written to the file (and after the <link linkend="config_module_exec">Exec</link>
- is evaluated).
- Note that the filename must be quoted to be a valid string literal unlike in
- other directives which take a filename argument.
+ <link linkend="lang_expressions">expression</link>. Note that the filename
+ must be quoted to be a valid string literal unlike in other directives
+ which take a filename argument.
For relative filenames you should be aware that nxlog changes its working
directory to '/' unless the global
<link linkend="config_global_spooldir">SpoolDir</link> is set to something else.
View
648 doc/reference-manual/en/nxlog-reference-manual.html
181 additions, 467 deletions not shown
View
BIN  doc/reference-manual/en/nxlog-reference-manual.pdf
Binary file not shown
View
719 doc/reference-manual/en/nxlog-reference-manual.txt
@@ -1,4 +1,4 @@
-NXLOG Community Edition Reference Manual for v2.7.1191
+NXLOG Community Edition Reference Manual for v2.5.1089
Botond Botyanszki
@@ -103,7 +103,6 @@ Botond Botyanszki
Syslog (xm_syslog)
External program execution (xm_exec)
Perl (xm_perl)
- WTMP (xm_wtmp)
Input modules
@@ -116,7 +115,7 @@ Botond Botyanszki
Mark (im_mark)
MS EventLog for Windows XP/2000/2003 (im_mseventlog)
MS EventLog for Windows 2008/Vista and later
- (im_msvistalog)
+ (im_msvistatlog)
Null (im_null)
TLS/SSL (im_ssl)
@@ -320,71 +319,69 @@ Botond Botyanszki
6.8. Parsing KVPs in Sidewinder logs
6.9. Parsing URL request parameters in Apache access logs
6.10. Sending Windows EventLog to Graylog2 in GELF
- 6.11. Forwarding custom log files to Graylog2 in GELF
- 6.12. Parsing a CSV file and sending it to Graylog2 in GELF
- 6.13. Character set autodetection of various input encodings
- 6.14. Rotation of the internal LogFile
- 6.15. Parsing multi-line XML logs and converting to JSON
- 6.16. Parsing DICOM logs
- 6.17. Multi-line messages with a fixed string header
- 6.18. Multi-line messages with fixed line count
- 6.19. Multi-line messages with a syslog header
- 6.20. Sending a file as BSD syslog over UDP
- 6.21. Collecting BSD style syslog messages over UDP
- 6.22. Collecting IETF style syslog messages over UDP
- 6.23. Collecting both IETF and BSD style syslog messages over
+ 6.11. Parsing a CSV file and sending it to Graylog2 in GELF
+ 6.12. Character set autodetection of various input encodings
+ 6.13. Rotation of the internal LogFile
+ 6.14. Parsing DICOM logs
+ 6.15. Multi-line messages with a fixed string header
+ 6.16. Multi-line messages with fixed line count
+ 6.17. Multi-line messages with a syslog header
+ 6.18. Collecting BSD style syslog messages over UDP
+ 6.19. Collecting IETF style syslog messages over UDP
+ 6.20. Collecting both IETF and BSD style syslog messages over
the same UDP port
- 6.24. Collecting IETF style syslog messages over TLS/SSL
- 6.25. Forwarding IETF syslog over TCP
- 6.26. Conditional rewrite of the syslog facility - version 1
- 6.27. Conditional rewrite of the syslog facility - version 2
- 6.28. nxlog acting as a cron daemon
- 6.29. Sending email alerts
- 6.30. Using the built-in perl interpreter
- 6.31. WTMP to JSON format conversion
- 6.32. Reading from a MySQL database
- 6.33. Emulating im_file
- 6.34. Forwarding logs from a file to a remote host
- 6.35. Forwaring internal messages over syslog udp
- 6.36. Storing raw kernel logs into a file
- 6.37. Using the im_mark module
- 6.38. Forwarding EventLogs from a windows machine to a remote
+ 6.21. Collecting IETF style syslog messages over TLS/SSL
+ 6.22. Forwarding IETF syslog over TCP
+ 6.23. Conditional rewrite of the syslog facility - version 1
+ 6.24. Conditional rewrite of the syslog facility - version 2
+ 6.25. nxlog acting as a cron daemon
+ 6.26. Sending email alerts
+ 6.27. Using the built-in perl interpreter