static void test_skip(void (*setup)(void))
{
char t[] = "/tmp/journal-skip-XXXXXX";
sd_journal *j;
int r;
assert_se(mkdtemp(t));
assert_se(chdir(t) >= 0);
setup();
/* Seek to head, iterate down.
*/
assert_ret(sd_journal_open_directory(&j, t, 0));
assert_ret(sd_journal_seek_head(j));
assert_ret(sd_journal_next(j));
test_check_numbers_down(j, 4);
sd_journal_close(j);
/* Seek to tail, iterate up.
*/
assert_ret(sd_journal_open_directory(&j, t, 0));
assert_ret(sd_journal_seek_tail(j));
assert_ret(sd_journal_previous(j));
test_check_numbers_up(j, 4);
sd_journal_close(j);
/* Seek to tail, skip to head, iterate down.
*/
assert_ret(sd_journal_open_directory(&j, t, 0));
assert_ret(sd_journal_seek_tail(j));
assert_ret(r = sd_journal_previous_skip(j, 4));
assert_se(r == 4);
test_check_numbers_down(j, 4);
sd_journal_close(j);
/* Seek to head, skip to tail, iterate up.
*/
assert_ret(sd_journal_open_directory(&j, t, 0));
assert_ret(sd_journal_seek_head(j));
assert_ret(r = sd_journal_next_skip(j, 4));
assert_se(r == 4);
test_check_numbers_up(j, 4);
sd_journal_close(j);
log_info("Done...");
if (arg_keep)
log_info("Not removing %s", t);
else {
journal_directory_vacuum(".", 3000000, 0, 0, NULL);
assert_se(rm_rf_dangerous(t, false, true, false) >= 0);
}
puts("------------------------------------------------------------");
}
static int journal_seek_tail (lua_State *L) {
sd_journal *j = check_journal(L, 1);
int err = sd_journal_seek_tail(j);
if (err != 0) return handle_error(L, -err);
lua_pushboolean(L, 1);
return 1;
}
int main(int argc, char** argv){
int r;
char* end;
sd_journal *j;
riemann_client_t *c;
riemann_message_t *req, *res;
riemann_event_t *event;
int after_wait = 0;
r = sd_journal_open(&j, 0);
assert(r == 0);
if(argc != 3 && argc != 6){
fprintf(stderr,"usage: journal2riemann <host> <port> [<ca-file> <cert-file> <key-file>]\n");
fprintf(stderr,"example: journal2riemann 127.0.0.1 5555\n");
exit(1);
}
long port = strtol(argv[2],&end,10);
if(argc >= 6){
c = riemann_client_create (
RIEMANN_CLIENT_TLS, argv[1], port,
RIEMANN_CLIENT_OPTION_TLS_CA_FILE, argv[3],
RIEMANN_CLIENT_OPTION_TLS_CERT_FILE, argv[4],
RIEMANN_CLIENT_OPTION_TLS_KEY_FILE, argv[5],
RIEMANN_CLIENT_OPTION_TLS_HANDSHAKE_TIMEOUT, 10000,
RIEMANN_CLIENT_OPTION_NONE);
}else{
c = riemann_client_create (RIEMANN_CLIENT_TCP, argv[1], port);
}
r = sd_journal_seek_tail(j);
assert(r == 0);
for (;;) {
const void *field; size_t len;
r = sd_journal_next(j); assert (r >= 0);
if (r == 0) { // if no more log available, wait for new ones
r = sd_journal_wait(j, (uint64_t) -1);
assert (r >= 0);
after_wait = 1;
continue;
}
else if (!after_wait){ // skip all logs before the first wait
continue;
}
event = riemann_event_create(RIEMANN_EVENT_FIELD_NONE);
strncpy(servicename,"journal",8);
SD_JOURNAL_FOREACH_DATA(j, field, len){
char* attr = ""; enum RiemannType type; void* val;
int matched = NOMATCH;
MATCH(F,RIEMANN_EVENT_FIELD_DESCRIPTION , STRING , "MESSAGE=")
MATCH(A,"message_id" , STRING , "MESSAGE_ID=")
MATCH(F,RIEMANN_EVENT_FIELD_STATE , STATE , "PRIORITY=")
MATCH(F,MATCHNOTHING , STRING , "CODE_FILE=")
MATCH(F,MATCHNOTHING , STRING , "CODE_LINE=")
MATCH(F,MATCHNOTHING , STRING , "CODE_FUNC=")
MATCH(F,MATCHNOTHING , STRING , "ERRNO=")
MATCH(F,MATCHNOTHING , STRING , "SYSLOG_FACILITY=")
MATCH(F,MATCHNOTHING , STRING , "SYSLOG_IDENTIFIER=")
MATCH(F,MATCHNOTHING , STRING , "SYSLOG_PID=")
MATCH(F,MATCHNOTHING , STRING , "_PID=")
MATCH(F,MATCHNOTHING , STRING , "_UID=")
MATCH(F,MATCHNOTHING , STRING , "_GID=")
MATCH(F,MATCHNOTHING , STRING , "_COMM=")
MATCH(F,MATCHNOTHING , STRING , "_EXE=")
MATCH(A,"command_line" , STRING , "_CMDLINE=")
MATCH(F,MATCHNOTHING , STRING , "_CAP_EFFECTIVE=")
MATCH(F,MATCHNOTHING , STRING , "_AUDIT_SESSION=")
MATCH(F,MATCHNOTHING , STRING , "_AUDIT_LOGINUID=")
MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_CGROUP=")
MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_SESSION=")
MATCH(F,SERVICEPART , STRING , "_SYSTEMD_UNIT=")
MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_USER_UNIT=")
MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_OWNER_UID=")
MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_SLICE=")
MATCH(F,MATCHNOTHING , STRING , "_SELINUX_CONTEXT=")
MATCH(F,RIEMANN_EVENT_FIELD_TIME , TIME , "_SOURCE_REALTIME_TIMESTAMP=")
MATCH(F,MATCHNOTHING , STRING , "_BOOT_ID=")
MATCH(F,MATCHNOTHING , STRING , "_MACHINE_ID=")
MATCH(F,RIEMANN_EVENT_FIELD_HOST , STRING , "_HOSTNAME=")
MATCH(F,MATCHNOTHING , STRING , "_TRANSPORT=")
MATCH(F,MATCHNOTHING , STRING , "_KERNEL_DEVICE=")
MATCH(F,MATCHNOTHING , STRING , "_KERNEL_SUBSYSTEM=")
MATCH(F,MATCHNOTHING , STRING , "_UDEV_SYSNAME=")
MATCH(F,MATCHNOTHING , STRING , "_UDEV_DEVNODE=")
MATCH(F,MATCHNOTHING , STRING , "_UDEV_DEVLINK=")
MATCH(F,MATCHNOTHING , STRING , "COREDUMP_UNIT=")
MATCH(F,MATCHNOTHING , STRING , "COREDUMP_USER_UNIT=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_UID=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_GID=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_COMM=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_EXE=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_CMDLINE=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_AUDIT_SESSION=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_AUDIT_LOGINUID=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_CGROUP=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_SESSION=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_OWNER_UID=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_UNIT=")
MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_USER_UNIT=")
MATCH(F,MATCHNOTHING , STRING , "__CURSOR=")
MATCH(F,MATCHNOTHING , STRING , "__REALTIME_TIMESTAMP=")
MATCH(F,MATCHNOTHING , STRING , "__MONOTONIC_TIMESTAMP=")
if(matched != MATCHNOTHING && matched != NOMATCH){
memcpy(valuebuf,field,len); *(valuebuf+len) = 0;
switch(type){
case STATE:
val = (void*) states[atoi(valuebuf)];
break;
case TIME:
*(valuebuf+len-6) = 0;
long t = strtol(valuebuf,&end,10);
val = (int64_t) t;
break;
default:
val = (void*) valuebuf;
}
switch(matched){
case ATTRIBUTE:
riemann_event_string_attribute_add(event,attr,valuebuf); break;
case TAG:
riemann_event_tag_add(event,valuebuf); break;
case SERVICEPART:
if(len > 0){
strncat(servicename," ",2);
strncat(servicename,valuebuf,len+1);
}
break;
default:
riemann_event_set(event,matched,val,RIEMANN_EVENT_FIELD_NONE);
}
}
}
riemann_event_set(event,RIEMANN_EVENT_FIELD_SERVICE,servicename,RIEMANN_EVENT_FIELD_NONE);
req = riemann_message_create_with_events(event, NULL);
res = riemann_communicate(c, req);
if (!res)
{
fprintf (stderr, "Error communicating with Riemann: %s\n",
strerror (errno));
exit (1);
}
if (res->error)
{
fprintf (stderr, "Error communicating with Riemann: %s\n",
res->error);
exit (1);
}
if (res->has_ok && !res->ok)
{
fprintf (stderr, "Error communicating with Riemann: %s\n",
strerror (errno));
exit (1);
}
riemann_message_free(res);
}
QStringList UnitModel::getLastJrnlEntries(QString unit) const
{
QString match1, match2;
int r, jflags;
QStringList reply;
const void *data;
size_t length;
uint64_t time;
sd_journal *journal;
if (!userBus.isEmpty())
{
match1 = QString("USER_UNIT=" + unit);
jflags = (SD_JOURNAL_LOCAL_ONLY | SD_JOURNAL_CURRENT_USER);
}
else
{
match1 = QString("_SYSTEMD_UNIT=" + unit);
match2 = QString("UNIT=" + unit);
jflags = (SD_JOURNAL_LOCAL_ONLY | SD_JOURNAL_SYSTEM);
}
r = sd_journal_open(&journal, jflags);
if (r != 0)
{
qDebug() << "Failed to open journal";
return reply;
}
sd_journal_flush_matches(journal);
r = sd_journal_add_match(journal, match1.toUtf8(), 0);
if (r != 0)
return reply;
if (!match2.isEmpty())
{
sd_journal_add_disjunction(journal);
r = sd_journal_add_match(journal, match2.toUtf8(), 0);
if (r != 0)
return reply;
}
r = sd_journal_seek_tail(journal);
if (r != 0)
return reply;
// Fetch the last 5 entries
for (int i = 0; i < 5; ++i)
{
r = sd_journal_previous(journal);
if (r == 1)
{
QString line;
// Get the date and time
r = sd_journal_get_realtime_usec(journal, &time);
if (r == 0)
{
QDateTime date;
date.setMSecsSinceEpoch(time/1000);
line.append(date.toString("yyyy.MM.dd hh:mm"));
}
// Color messages according to priority
r = sd_journal_get_data(journal, "PRIORITY", &data, &length);
if (r == 0)
{
int prio = QString::fromUtf8((const char *)data, length).section('=',1).toInt();
if (prio <= 3)
line.append("<span style='color:tomato;'>");
else if (prio == 4)
line.append("<span style='color:khaki;'>");
else
line.append("<span style='color:palegreen;'>");
}
// Get the message itself
r = sd_journal_get_data(journal, "MESSAGE", &data, &length);
if (r == 0)
{
line.append(": " + QString::fromUtf8((const char *)data, length).section('=',1) + "</span>");
if (line.length() > 195)
line = QString(line.left(195) + "..." + "</span>");
reply << line;
}
}
else // previous failed, no more entries
return reply;
}
sd_journal_close(journal);
return reply;
}
void
systemd_init(pmdaInterface *dp)
{
int sts;
int journal_fd;
dp->version.six.desc = systemd_desc;
dp->version.six.fetch = systemd_fetch;
dp->version.six.text = systemd_text;
dp->version.six.attribute = systemd_contextAttributeCallBack;
pmdaSetFetchCallBack(dp, systemd_fetchCallBack);
pmdaSetEndContextCallBack(dp, systemd_end_contextCallBack);
pmdaInit(dp, NULL, 0, metrictab, sizeof(metrictab)/sizeof(metrictab[0]));
/* Initialize the systemd side. This is failure-tolerant. */
/* XXX: SD_JOURNAL_{LOCAL|RUNTIME|SYSTEM}_ONLY */
sts = sd_journal_open(& journald_context, 0);
if (sts < 0) {
__pmNotifyErr(LOG_ERR, "sd_journal_open failure: %s",
strerror(-sts));
dp->status = sts;
return;
}
sts = sd_journal_open(& journald_context_seeky, 0);
if (sts < 0) {
__pmNotifyErr(LOG_ERR, "sd_journal_open #2 failure: %s",
strerror(-sts));
dp->status = sts;
return;
}
sts = sd_journal_seek_tail(journald_context);
if (sts < 0) {
__pmNotifyErr(LOG_ERR, "sd_journal_seek_tail failure: %s",
strerror(-sts));
}
/* Work around RHBZ979487. */
sts = sd_journal_previous_skip(journald_context, 1);
if (sts < 0) {
__pmNotifyErr(LOG_ERR, "sd_journal_previous_skip failure: %s",
strerror(-sts));
}
/* Arrange to wake up for journal events. */
journal_fd = sd_journal_get_fd(journald_context);
if (journal_fd < 0) {
__pmNotifyErr(LOG_ERR, "sd_journal_get_fd failure: %s",
strerror(-journal_fd));
/* NB: not a fatal error; the select() loop will still time out and
periodically poll. This makes it ok for sd_journal_reliable_fd()
to be 0. */
} else {
FD_SET(journal_fd, &fds);
if (journal_fd > maxfd) maxfd = journal_fd;
}
/* NB: One queue is used for both .records and .records_raw; they
just use different decoder callbacks. */
queue_entries = pmdaEventNewQueue("systemd", maxmem);
if (queue_entries < 0)
__pmNotifyErr(LOG_ERR, "pmdaEventNewQueue failure: %s",
pmErrStr(queue_entries));
}
int main(int argc, char *argv[]) {
int r;
sd_journal *j = NULL;
unsigned line = 0;
bool need_seek = false;
sd_id128_t previous_boot_id;
bool previous_boot_id_valid = false;
bool have_pager;
log_parse_environment();
log_open();
r = parse_argv(argc, argv);
if (r <= 0)
goto finish;
if (arg_new_id128) {
r = generate_new_id128();
goto finish;
}
#ifdef HAVE_ACL
if (!arg_quiet && geteuid() != 0 && in_group("adm") <= 0)
log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this message off.");
#endif
if (arg_directory)
r = sd_journal_open_directory(&j, arg_directory, 0);
else
r = sd_journal_open(&j, arg_local ? SD_JOURNAL_LOCAL_ONLY : 0);
if (r < 0) {
log_error("Failed to open journal: %s", strerror(-r));
goto finish;
}
if (arg_print_header) {
journal_print_header(j);
r = 0;
goto finish;
}
r = add_this_boot(j);
if (r < 0)
goto finish;
r = add_matches(j, argv + optind);
if (r < 0)
goto finish;
if (!arg_quiet) {
usec_t start, end;
char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
if (r < 0) {
log_error("Failed to get cutoff: %s", strerror(-r));
goto finish;
}
if (r > 0) {
if (arg_follow)
printf("Logs begin at %s.\n", format_timestamp(start_buf, sizeof(start_buf), start));
else
printf("Logs begin at %s, end at %s.\n",
format_timestamp(start_buf, sizeof(start_buf), start),
format_timestamp(end_buf, sizeof(end_buf), end));
}
}
if (arg_lines >= 0) {
r = sd_journal_seek_tail(j);
if (r < 0) {
log_error("Failed to seek to tail: %s", strerror(-r));
goto finish;
}
r = sd_journal_previous_skip(j, arg_lines);
} else {
r = sd_journal_seek_head(j);
if (r < 0) {
log_error("Failed to seek to head: %s", strerror(-r));
goto finish;
}
r = sd_journal_next(j);
}
if (r < 0) {
log_error("Failed to iterate through journal: %s", strerror(-r));
goto finish;
}
have_pager = !arg_no_pager && !arg_follow;
if (have_pager) {
columns();
pager_open();
}
if (arg_output == OUTPUT_JSON) {
fputc('[', stdout);
fflush(stdout);
}
for (;;) {
for (;;) {
sd_id128_t boot_id;
int flags = (arg_show_all*OUTPUT_SHOW_ALL |
have_pager*OUTPUT_FULL_WIDTH);
if (need_seek) {
r = sd_journal_next(j);
if (r < 0) {
log_error("Failed to iterate through journal: %s", strerror(-r));
goto finish;
}
}
if (r == 0)
break;
r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
if (r >= 0) {
if (previous_boot_id_valid &&
!sd_id128_equal(boot_id, previous_boot_id))
printf(ANSI_HIGHLIGHT_ON "----- Reboot -----" ANSI_HIGHLIGHT_OFF "\n");
previous_boot_id = boot_id;
previous_boot_id_valid = true;
}
line ++;
r = output_journal(j, arg_output, line, 0, flags);
if (r < 0)
goto finish;
need_seek = true;
}
if (!arg_follow)
break;
r = sd_journal_wait(j, (uint64_t) -1);
if (r < 0) {
log_error("Couldn't wait for log event: %s", strerror(-r));
goto finish;
}
}
if (arg_output == OUTPUT_JSON)
fputs("\n]\n", stdout);
finish:
if (j)
sd_journal_close(j);
pager_close();
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
