Created
September 1, 2022 22:32
-
-
Save melissaboiko/b826730bccdf7e8c1ea46cad7fc720ee to your computer and use it in GitHub Desktop.
more informative, precise, tab-separated template for rsyslog, in the cleaner list expression syntax
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # this will generate entries like: | |
| # info.daemon 2022-09-02T00:27:39.198142+02:00 umbral:systemd[1]: Starting System Logging Service... | |
| # info.syslog 2022-09-02T00:27:39.238310+02:00 umbral:rsyslogd: imuxsock: Acquired UNIX socket '/run/systemd/journal/syslog' (fd 3) from systemd. [v8.2001.0] | |
| # - contrary to default template, you get priority (warn, info, debug...) as well as software-specific tag | |
| # - timestamp in standard rfc3339 format, greppable, sed/awkable, sortable, with high time precision and timezone | |
| # - tabs may take more space but today's monitors are big and the terminal scrolls, | |
| # - and tsv is handy to process with cut(1), easy to sed, and you can just pipe to `xsel -b` and paste in any spreadsheet. | |
| template (name="precise-tsv" type="list") { | |
| property(name="syslogpriority-text") | |
| constant(value=".") | |
| property(name="syslogfacility-text") | |
| constant(value="\t") | |
| property(name="timestamp" dateFormat="rfc3339") | |
| constant(value="\t") | |
| property(name="hostname") | |
| constant(value=":") | |
| property(name="syslogtag") | |
| constant(value="\t") | |
| property(name="msg" controlcharacters="escape") | |
| constant(value="\n") | |
| } | |
| $ActionFileDefaultTemplate precise-tsv | |
| # vim: ft=conf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment