Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-2640

[syslogd] OpenNMS's syslogd implementation does not handle all syslog facilities

    Details

    • Bugzilla Id:
      2580

      Description

      OpenNMS does not handle all syslog facilities. More importantly is does not handle syslog facility 10:

      example 1: An event with no matching configuration was received from interface 1.1.1.1. This event included the following parameters: syslogmessage="host1 sshd[10009]: Did not receive identification string from 1.1.1.1" severity="Info" timestamp="Jul 11 10:59:19" process="" service="unknown facility='10'" processid="0"

      example 2: An event with no matching configuration was received from interface 1.1.1.1. This event included the following parameters: syslogmessage="host2 radiusd: pam_vas: Authentication for user: account: service: reason: " severity="Info" timestamp="Jul 11 10:59:33" process="" service="unknown facility='10'" processid="0"

      I noticed the following comment in SyslogDefs.java "/* other codes through 15 reserved for system use */" (remark: comment was after code 9, so implicitly code 10-15).
      However, as you can see codes 10-15 may, and are, being used by common applications as sshd and pam_vas.

      For a complete list of facility codes see: http://www.monitorware.com/Common/en/glossary/Syslog-Facility.php

      Would it be possible for you to add support for facilities 10-15 (hence, all facilities), so that no OpenNMS (SysLog) events with Severity "Indeterminate" because of unknown facility code will exist?

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jimisola@jimisola.com Jimisola Laursen
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: