Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-4772

Add support for matching syslog messages by process name, severity, facility in ueiMatch

    Details

      Description

      Currently Syslogd can match syslog messages based on their contents, not on the severity or facility encoded in the PRIO block or the process name. This enhancement makes it possible to match on facility, severity, process name, message contents, or any combination of these. For instance, it will now be possible to catch all "mail.critical" messages from the "postfix/smtpd" process, giving them a UEI like "uei.opennms.org/vendor/postfix/syslog/mail/Critical" rather than the generic "uei.opennms.org/syslog/mail/Critical" that may also apply to messages from dovecot, even without a-priori knowledge of the messages' contents. Among other things, this capability allows for more granular classification of messages for which a specific event definition has not been created.

        Attachments

          Activity

            People

            • Assignee:
              jeffg Jeff Gehlbach
              Reporter:
              jeffg Jeff Gehlbach
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: