Uploaded image for project: 'OpenNMS'
  1. OpenNMS
  2. NMS-9522

RadixTreeSyslogParser confuses timezone and hostname fields

    XMLWordPrintable

    Details

    • Sprint:
      Horizon - September 27th

      Description

      Because hostname and timezone are both string types, they are being confused by the parser, even though timezone parsing should throw an exception if an invalid value (such as a hostname) is encountered.

      If you observe here even though hostname is localhost it’s not considered as hostname since it was parsed as timezone and exception was thrown and further it has got parsed:

      <14> Nov 16 00:01:25 localhost postfix/smtpd[1713]: connect from www.opennms.org[10.1.1.1]
true
UEI : uei.opennms.org/syslogd/user/Info
Time : Wed Nov 16 00:01:25 IST 2016
NodeId : 0
Ip Address : null
Host Name : null
Log Message : connect from www.opennms.org[10.1.1.1]
Syslog Message : connect from www.opennms.org[10.1.1.1]
Nov 15 18:31:25
Facility : user
Priority : Info

      This is parsed correctly:

      <19> Nov 17 14:28:48 CST %AUTHPRIV-3-SYSTEM_MSG[0]: Authentication failed from 10.10.10.10 - sshd[20189]
true
UEI : uei.opennms.org/syslogd/mail/Error
Time : Thu Nov 17 14:28:48 IST 2016
NodeId : 0
Ip Address : null
Host Name : null
Log Message : Authentication failed from 10.10.10.10 - sshd[20189]
Syslog Message : Authentication failed from 10.10.10.10 - sshd[20189]
Nov 17 08:58:48
Facility : mail
Priority : Error

      If we keep hostname first and time zone we can see following, hostname is parsed correctly:

      <14> Nov 16 00:01:25 localhost postfix/smtpd[1713]: connect from www.opennms.org[10.1.1.1]
true
UEI : uei.opennms.org/syslogd/user/Info
Time : Wed Nov 16 00:01:25 IST 2016
NodeId : 0
Ip Address : 127.0.0.1
Host Name : localhost
Log Message : connect from www.opennms.org[10.1.1.1]
Syslog Message : connect from www.opennms.org[10.1.1.1]
Nov 15 18:31:25
Facility : user
Priority : Info
Process : postfix/smtpd
Processid : 1713

      But here time zone is considered as hostname:

      <19> Nov 17 14:28:48 CST %AUTHPRIV-3-SYSTEM_MSG[0]: Authentication failed from 10.10.10.10 - sshd[20189]
true
UEI : uei.opennms.org/syslogd/mail/Error
Time : Thu Nov 17 14:28:48 IST 2016
NodeId : 0
Ip Address : 10.10.2.2
Host Name : CST
Log Message : Authentication failed from 10.10.10.10 - sshd[20189]
Syslog Message : Authentication failed from 10.10.10.10 - sshd[20189]
Nov 17 08:58:48
Facility : mail
Priority : Error
Process : %AUTHPRIV-3-SYSTEM_MSG
Processid : 0

        Attachments

          Activity

            People

            Assignee:
            seth Seth Leger (Inactive)
            Reporter:
            MS043660 Malatesh (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration