void
test_rule_value_without_clean(const gchar *program, const gchar *pattern,
const gchar *name, const gchar *value)
{
gboolean result;
LogMessage *msg = log_msg_new_empty();
gboolean found = FALSE;
const gchar *val;
gssize len;
PDBInput input;
log_msg_set_value(msg, LM_V_MESSAGE, pattern, strlen(pattern));
log_msg_set_value(msg, LM_V_PROGRAM, program, 5);
log_msg_set_value(msg, LM_V_HOST, MYHOST, strlen(MYHOST));
log_msg_set_value(msg, LM_V_PID, MYPID, strlen(MYPID));
result = pattern_db_process(patterndb, PDB_INPUT_WRAP_MESSAGE(&input, msg));
val = log_msg_get_value(msg, log_msg_get_value_handle(name), &len);
if (value)
found = strcmp(val, value) == 0;
if (!!value ^ (len > 0))
test_fail("Value '%s' is %smatching for pattern '%s' (%d)\n", name, found ? "" : "not ", pattern, !!result);
log_msg_unref(msg);
}
/*
* NOTE: suppress_lock must be held.
*/
static void
log_writer_last_msg_flush(LogWriter *self)
{
LogMessage *m;
LogPathOptions path_options = LOG_PATH_OPTIONS_INIT;
gchar buf[1024];
gssize len;
const gchar *p;
msg_debug("Suppress timer elapsed, emitting suppression summary",
NULL);
m = log_msg_new_empty();
m->timestamps[LM_TS_STAMP] = m->timestamps[LM_TS_RECVD];
m->pri = self->last_msg->pri;
m->flags = LF_INTERNAL | LF_LOCAL;
p = log_msg_get_value(self->last_msg, LM_V_HOST, &len);
log_msg_set_value(m, LM_V_HOST, p, len);
p = log_msg_get_value(self->last_msg, LM_V_PROGRAM, &len);
log_msg_set_value(m, LM_V_PROGRAM, p, len);
len = g_snprintf(buf, sizeof(buf), "Last message '%.20s' repeated %d times, suppressed by syslog-ng on %s",
log_msg_get_value(self->last_msg, LM_V_MESSAGE, NULL),
self->last_msg_count,
get_local_hostname(NULL));
log_msg_set_value(m, LM_V_MESSAGE, buf, len);
path_options.ack_needed = FALSE;
log_queue_push_tail(self->queue, m, &path_options);
log_writer_last_msg_release(self);
}
LogMessage *
synthetic_message_generate_with_context(SyntheticMessage *self, CorrellationContext *context, GString *buffer)
{
LogMessage *genmsg;
genmsg = _generate_default_message_from_context(self->inherit_mode, context);
switch (context->key.scope)
{
case RCS_PROCESS:
log_msg_set_value(genmsg, LM_V_PID, context->key.pid, -1);
case RCS_PROGRAM:
log_msg_set_value(genmsg, LM_V_PROGRAM, context->key.program, -1);
case RCS_HOST:
log_msg_set_value(genmsg, LM_V_HOST, context->key.host, -1);
case RCS_GLOBAL:
break;
default:
g_assert_not_reached();
break;
}
g_ptr_array_add(context->messages, genmsg);
synthetic_message_apply(self, context, genmsg, buffer);
g_ptr_array_remove_index_fast(context->messages, context->messages->len - 1);
return genmsg;
}
void
test_rule_action_message_tag(const gchar *pattern, gint timeout, gint ndx, const gchar *tag, gboolean set)
{
LogMessage *msg = log_msg_new_empty();
gboolean found, result;
PDBInput input;
log_msg_set_value(msg, LM_V_MESSAGE, pattern, strlen(pattern));
log_msg_set_value(msg, LM_V_PROGRAM, "prog2", 5);
log_msg_set_value(msg, LM_V_HOST, MYHOST, strlen(MYHOST));
log_msg_set_value(msg, LM_V_PID, MYPID, strlen(MYPID));
msg->timestamps[LM_TS_STAMP].tv_sec = msg->timestamps[LM_TS_RECVD].tv_sec;
result = pattern_db_process(patterndb, PDB_INPUT_WRAP_MESSAGE(&input, msg));
if (timeout)
timer_wheel_set_time(patterndb->timer_wheel, timer_wheel_get_time(patterndb->timer_wheel) + timeout + 5);
if (ndx >= messages->len)
{
test_fail("Expected the %d. message, but no such message was returned by patterndb\n", ndx);
goto exit;
}
found = log_msg_is_tag_by_name((LogMessage *) g_ptr_array_index(messages, ndx), tag);
if (set ^ found)
test_fail("Tag '%s' is %sset for pattern '%s' (%d), index %d\n", tag, found ? "" : "not ", pattern, !!result, ndx);
exit:
log_msg_unref(msg);
test_clean_state();
}
static void
_map_key_value_pairs_to_syslog_macros(LogMessage *msg, gchar *key, gchar *value, gssize value_len)
{
if (strcmp(key, "MESSAGE") == 0)
{
log_msg_set_value(msg, LM_V_MESSAGE, value, value_len);
msg_debug("Incoming log entry from journal",
evt_tag_printf("message", "%.*s", (int)value_len, value));
}
else if (strcmp(key, "_HOSTNAME") == 0)
{
log_msg_set_value(msg, LM_V_HOST, value, value_len);
}
else if (strcmp(key, "_PID") == 0)
{
log_msg_set_value(msg, LM_V_PID, value, value_len);
}
else if (strcmp(key, "SYSLOG_FACILITY") == 0)
{
msg->pri = (msg->pri & 7) | atoi(value) << 3;
}
else if (strcmp(key, "PRIORITY") == 0)
{
msg->pri = (msg->pri & ~7) | atoi(value);
}
}
static void
__handle_data(gchar *key, gchar *value, gpointer user_data)
{
gpointer *args = user_data;
LogMessage *msg = args[0];
JournalReaderOptions *options = args[1];
gssize value_len = MIN(strlen(value), options->max_field_size);
if (strcmp(key, "MESSAGE") == 0)
{
log_msg_set_value(msg, LM_V_MESSAGE, value, value_len);
msg_debug("Incoming log entry from journal",
evt_tag_printf("message", "%.*s", (int)value_len, value),
NULL);
}
else if (strcmp(key, "_HOSTNAME") == 0)
{
log_msg_set_value(msg, LM_V_HOST, value, value_len);
}
else if (strcmp(key, "_PID") == 0)
{
log_msg_set_value(msg, LM_V_PID, value, value_len);
}
else if (strcmp(key, "_COMM") == 0)
{
log_msg_set_value(msg, LM_V_PROGRAM, value, value_len);
}
else if (strcmp(key, "SYSLOG_IDENTIFIER") == 0)
{
gssize program_length;
(void)log_msg_get_value(msg, LM_V_PROGRAM, &program_length);
if (program_length == 0)
{
log_msg_set_value(msg, LM_V_PROGRAM, value, value_len);
}
}
else if (strcmp(key, "SYSLOG_FACILITY") == 0)
{
msg->pri = (msg->pri & 7) | atoi(value) << 3;
}
else if (strcmp(key, "PRIORITY") == 0)
{
msg->pri = (msg->pri & ~7) | atoi(value);
}
else
{
if (!options->prefix)
{
log_msg_set_value_by_name(msg, key, value, value_len);
}
else
{
gchar *prefixed_key = g_strdup_printf("%s%s", options->prefix, key);
log_msg_set_value_by_name(msg, prefixed_key, value, value_len);
g_free(prefixed_key);
}
}
}
void
pacct_format_handler(MsgFormatOptions *options, const guchar *data, gsize length, LogMessage *msg)
{
acct_t *rec;
gsize len;
if (length < sizeof(*rec))
{
gchar *buf;
buf = g_strdup_printf("Error parsing process accounting record, record too small; rec_size='%d', expected_size='%d'",
(gint) length, (gint) sizeof(*rec));
log_msg_set_value(msg, LM_V_MESSAGE, buf, -1);
g_free(buf);
return;
}
rec = (acct_t *) data;
if (rec->ac_version != 3)
{
gchar *buf;
buf = g_strdup_printf("Error parsing process accounting record, only the v3 format is supported; version='%d'",
rec->ac_version);
log_msg_set_value(msg, LM_V_MESSAGE, buf, -1);
g_free(buf);
return;
}
if (G_UNLIKELY(!handles_registered))
{
pacct_register_handles();
handles_registered = TRUE;
}
PACCT_FORMAT(msg, rec, ac_flag, "%02x");
PACCT_FORMAT(msg, rec, ac_tty, "%u");
PACCT_FORMAT(msg, rec, ac_exitcode, "%u");
PACCT_FORMAT(msg, rec, ac_uid, "%u");
PACCT_FORMAT(msg, rec, ac_gid, "%u");
PACCT_FORMAT(msg, rec, ac_pid, "%u");
PACCT_FORMAT(msg, rec, ac_ppid, "%u");
PACCT_FORMAT_CONVERT(msg, rec, ac_btime, "%lu.00", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT(msg, rec, ac_etime, "%9.2f");
PACCT_FORMAT_CONVERT(msg, rec, ac_utime, "%lu.00", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_stime, "%lu.00", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_mem, "%lu", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_io, "%lu", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_rw, "%lu", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_minflt, "%lu", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_majflt, "%lu", PACCT_CONVERT_COMP_TO_ULONG);
PACCT_FORMAT_CONVERT(msg, rec, ac_swaps, "%lu", PACCT_CONVERT_COMP_TO_ULONG);
if (rec->ac_comm[ACCT_COMM - 1] == 0)
len = strlen(rec->ac_comm);
else
len = ACCT_COMM;
log_msg_set_value(msg, handle_ac_comm, rec->ac_comm, len);
}
static void
log_msg_parse_legacy_program_name(LogMessage *self, const guchar **data, gint *length, guint flags)
{
/* the data pointer will not change */
const guchar *src, *prog_start;
gint left;
src = *data;
left = *length;
prog_start = src;
while (left && *src != ' ' && *src != '[' && *src != ':')
{
src++;
left--;
}
log_msg_set_value(self, LM_V_PROGRAM, (gchar *) prog_start, src - prog_start);
if (left > 0 && *src == '[')
{
const guchar *pid_start = src + 1;
while (left && *src != ' ' && *src != ']' && *src != ':')
{
src++;
left--;
}
if (left)
{
log_msg_set_value(self, LM_V_PID, (gchar *) pid_start, src - pid_start);
}
if (left > 0 && *src == ']')
{
src++;
left--;
}
}
if (left > 0 && *src == ':')
{
src++;
left--;
}
if (left > 0 && *src == ' ')
{
src++;
left--;
}
if ((flags & LP_STORE_LEGACY_MSGHDR))
{
log_msg_set_value(self, LM_V_LEGACY_MSGHDR, (gchar *) *data, *length - left);
self->flags |= LF_LEGACY_MSGHDR;
}
*data = src;
*length = left;
}
LogMessage *
construct_log_message_with_all_bells_and_whistles(void)
{
LogMessage *msg = construct_log_message();
nv_handle = log_msg_get_value_handle("foo");
sd_handle = log_msg_get_value_handle(".SDATA.foo.bar");
log_msg_set_value(msg, nv_handle, "value", -1);
log_msg_set_value(msg, sd_handle, "value", -1);
msg->saddr = g_sockaddr_inet_new("1.2.3.4", 5050);
log_msg_set_tag_by_name(msg, tag_name);
return msg;
}
static LogMessage *
_construct_message_with_nvpair(const gchar *program, const gchar *message, const gchar *name, const gchar *value)
{
LogMessage *msg = log_msg_new_empty();
log_msg_set_value(msg, LM_V_MESSAGE, message, strlen(message));
log_msg_set_value(msg, LM_V_PROGRAM, program, strlen(program));
log_msg_set_value(msg, LM_V_HOST, MYHOST, strlen(MYHOST));
log_msg_set_value(msg, LM_V_PID, MYPID, strlen(MYPID));
if (name)
log_msg_set_value_by_name(msg, name, value, -1);
msg->timestamps[LM_TS_STAMP].tv_sec = msg->timestamps[LM_TS_RECVD].tv_sec;
return msg;
}
void
log_source_mangle_hostname(LogSource *self, LogMessage *msg)
{
const gchar *resolved_name;
gsize resolved_name_len;
const gchar *orig_host;
resolved_name = resolve_sockaddr_to_hostname(&resolved_name_len, msg->saddr, &self->options->host_resolve_options);
log_msg_set_value(msg, LM_V_HOST_FROM, resolved_name, resolved_name_len);
orig_host = log_msg_get_value(msg, LM_V_HOST, NULL);
if (!self->options->keep_hostname || !orig_host || !orig_host[0])
{
gchar host[256];
gint host_len = -1;
if (G_UNLIKELY(self->options->chain_hostnames))
{
msg->flags |= LF_CHAINED_HOSTNAME;
if (msg->flags & LF_LOCAL)
{
/* local */
host_len = g_snprintf(host, sizeof(host), "%s@%s", self->options->group_name, resolved_name);
}
else if (!orig_host || !orig_host[0])
{
/* remote && no hostname */
host_len = g_snprintf(host, sizeof(host), "%s/%s", resolved_name, resolved_name);
}
else
{
/* everything else, append source hostname */
if (orig_host && orig_host[0])
host_len = g_snprintf(host, sizeof(host), "%s/%s", orig_host, resolved_name);
else
{
strncpy(host, resolved_name, sizeof(host));
/* just in case it is not zero terminated */
host[255] = 0;
}
}
log_msg_set_value(msg, LM_V_HOST, host, host_len);
}
else
{
log_msg_set_value(msg, LM_V_HOST, resolved_name, resolved_name_len);
}
}
}
LogMessage *
create_empty_message(void)
{
LogMessage *msg;
char *msg_str = "<155>2006-02-11T10:34:56+01:00 bzorp syslog-ng[23323]:árvíztűrőtükörfúrógép";
GSockAddr *saddr;
saddr = g_sockaddr_inet_new("10.11.12.13", 1010);
msg = log_msg_new(msg_str, strlen(msg_str), saddr, &parse_options);
g_sockaddr_unref(saddr);
log_msg_set_match(msg, 0, "whole-match", -1);
log_msg_set_match(msg, 1, "first-match", -1);
log_msg_set_tag_by_name(msg, "alma");
log_msg_set_tag_by_name(msg, "korte");
log_msg_clear_tag_by_name(msg, "narancs");
log_msg_set_tag_by_name(msg, "citrom");
msg->rcptid = 555;
msg->host_id = 0xcafebabe;
/* fix some externally or automatically defined values */
log_msg_set_value(msg, LM_V_HOST_FROM, "kismacska", -1);
msg->timestamps[LM_TS_RECVD].tv_sec = 1139684315;
msg->timestamps[LM_TS_RECVD].tv_usec = 639000;
msg->timestamps[LM_TS_RECVD].zone_offset = get_local_timezone_ofs(1139684315);
return msg;
}
static void
log_msg_parse_column(LogMessage *self, NVHandle handle, const guchar **data, gint *length, gint max_length)
{
const guchar *src, *space;
gint left;
src = *data;
left = *length;
space = memchr(src, ' ', left);
if (space)
{
left -= space - src;
src = space;
}
else
{
src = src + left;
left = 0;
}
if (left)
{
if ((*length - left) > 1 || (*data)[0] != '-')
{
gint len = (*length - left) > max_length ? max_length : (*length - left);
log_msg_set_value(self, handle, (gchar *) *data, len);
}
}
*data = src;
*length = left;
}
static gboolean
log_msg_parse_seq(LogMessage *self, const guchar **data, gint *length)
{
const guchar *src = *data;
gint left = *length;
while (left && *src != ':')
{
if (!isdigit(*src))
return FALSE;
src++;
left--;
}
src++;
left--;
/* if the next char is not space, then we may try to read a date */
if (*src != ' ')
return FALSE;
log_msg_set_value(self, cisco_seqid, (gchar *) *data, *length - left - 1);
*data = src;
*length = left;
return TRUE;
}
static void
pdb_message_apply(PDBMessage *self, PDBContext *context, LogMessage *msg, GString *buffer)
{
gint i;
if (self->tags)
{
for (i = 0; i < self->tags->len; i++)
log_msg_set_tag_by_id(msg, g_array_index(self->tags, LogTagId, i));
}
if (self->values)
{
for (i = 0; i < self->values->len; i++)
{
log_template_format_with_context(g_ptr_array_index(self->values, i),
context ? (LogMessage **) context->messages->pdata : &msg,
context ? context->messages->len : 1,
NULL, LTZ_LOCAL, 0, context ? context->key.session_id : NULL, buffer);
log_msg_set_value(msg,
log_msg_get_value_handle(((LogTemplate *) g_ptr_array_index(self->values, i))->name),
buffer->str, buffer->len);
}
}
}
static void
_set_program(JournalReaderOptions *options, LogMessage *msg)
{
gssize value_length = 0;
const gchar *value = _get_value_from_message(options, msg, "SYSLOG_IDENTIFIER", &value_length);
if (value_length > 0)
{
log_msg_set_value(msg, LM_V_PROGRAM, value, value_length);
}
else
{
value = _get_value_from_message(options, msg, "_COMM", &value_length);
log_msg_set_value(msg, LM_V_PROGRAM, value, value_length);
}
}
void
msg_format_inject_parse_error(LogMessage *msg, const guchar *data, gsize length)
{
gchar buf[2048];
log_msg_clear(msg);
msg->timestamps[LM_TS_STAMP] = msg->timestamps[LM_TS_RECVD];
log_msg_set_value(msg, LM_V_HOST, "", 0);
g_snprintf(buf, sizeof(buf), "Error processing log message: %.*s", (gint) length, data);
log_msg_set_value(msg, LM_V_MESSAGE, buf, -1);
log_msg_set_value(msg, LM_V_PROGRAM, "syslog-ng", 9);
g_snprintf(buf, sizeof(buf), "%d", (int) getpid());
log_msg_set_value(msg, LM_V_PID, buf, -1);
msg->pri = LOG_SYSLOG | LOG_ERR;
}
static LogMessage *
copy_str_into_log_message(const gchar *message)
{
LogMessage *msg = log_msg_new_empty();
log_msg_set_value(msg, LM_V_MESSAGE, message, -1);
return msg;
}
void
test_pattern(const gchar *pattern, const gchar *rule, gboolean match)
{
gboolean result;
LogMessage *msg = log_msg_new_empty();
static LogTemplate *templ;
GString *res = g_string_sized_new(128);
static TimeZoneInfo *tzinfo = NULL;
PDBInput input;
if (!tzinfo)
tzinfo = time_zone_info_new(NULL);
if (!templ)
{
templ = log_template_new(configuration, "dummy");
log_template_compile(templ, "$TEST", NULL);
}
log_msg_set_value(msg, LM_V_HOST, MYHOST, strlen(MYHOST));
log_msg_set_value(msg, LM_V_PROGRAM, "test", strlen(MYHOST));
log_msg_set_value(msg, LM_V_MESSAGE, pattern, strlen(pattern));
result = pattern_db_process(patterndb, PDB_INPUT_WRAP_MESSAGE(&input, msg));
log_template_format(templ, msg, NULL, LTZ_LOCAL, 0, NULL, res);
if (strcmp(res->str, pattern) == 0)
{
test_msg("Rule: '%s' Value '%s' is inserted into $TEST res:(%s)\n", rule, pattern, res->str);
}
if ((match && !result) || (!match && result))
{
test_fail("FAIL: Value '%s' is %smatching for pattern '%s' \n", rule, !!result ? "" : "not ", pattern);
}
else
{
test_msg("Value '%s' is %smatching for pattern '%s' \n", rule, !!result ? "" : "not ", pattern);
}
g_string_free(res, TRUE);
log_msg_unref(msg);
}
static LogMessage *
_construct_logmsg(const gchar *msg)
{
LogMessage *logmsg;
logmsg = log_msg_new_empty();
log_msg_set_value(logmsg, LM_V_MESSAGE, msg, -1);
return logmsg;
}
static void
log_writer_last_msg_flush(LogWriter *self)
{
LogMessage *m;
LogPathOptions path_options = LOG_PATH_OPTIONS_INIT;
gchar hostname[256];
gchar buf[1024];
gssize len;
const gchar *p;
msg_debug("Suppress timer elapsed, emitting suppression summary",
NULL);
getlonghostname(hostname, sizeof(hostname));
m = log_msg_new_empty();
m->timestamps[LM_TS_STAMP] = m->timestamps[LM_TS_RECVD];
m->pri = self->last_msg->pri;
m->flags = LF_INTERNAL | LF_LOCAL;
p = log_msg_get_value(self->last_msg, LM_V_HOST, &len);
log_msg_set_value(m, LM_V_HOST, p, len);
p = log_msg_get_value(self->last_msg, LM_V_PROGRAM, &len);
log_msg_set_value(m, LM_V_PROGRAM, p, len);
len = g_snprintf(buf, sizeof(buf), "Last message '%.20s' repeated %d times, supressed by syslog-ng on %s",
log_msg_get_value(self->last_msg, LM_V_MESSAGE, NULL),
self->last_msg_count,
hostname);
log_msg_set_value(m, LM_V_MESSAGE, buf, len);
path_options.flow_control = FALSE;
if (!log_queue_push_tail(self->queue, m, &path_options))
{
stats_counter_inc(self->dropped_messages);
msg_debug("Destination queue full, dropping suppressed message",
evt_tag_int("queue_len", log_queue_get_length(self->queue)),
evt_tag_int("mem_fifo_size", self->options->mem_fifo_size),
NULL);
log_msg_drop(m, &path_options);
}
log_writer_last_msg_release(self);
}
LogMessage *
construct_log_message(void)
{
const gchar *raw_msg = "foo";
LogMessage *msg;
msg = log_msg_new(raw_msg, strlen(raw_msg), NULL, &parse_options);
log_msg_set_value(msg, LM_V_HOST, raw_msg, -1);
return msg;
}
void
set_new_log_message_attributes(LogMessage *log_message)
{
log_msg_set_value(log_message, LM_V_HOST, "newhost", -1);
log_msg_set_value(log_message, LM_V_HOST_FROM, "newhost", -1);
log_msg_set_value(log_message, LM_V_MESSAGE, "newmsg", -1);
log_msg_set_value(log_message, LM_V_PROGRAM, "newprogram", -1);
log_msg_set_value(log_message, LM_V_PID, "newpid", -1);
log_msg_set_value(log_message, LM_V_MSGID, "newmsgid", -1);
log_msg_set_value(log_message, LM_V_SOURCE, "newsource", -1);
log_msg_set_value(log_message, log_msg_get_value_handle("newvalue"), "newvalue", -1);
}
void
test_rule_tag(const gchar *pattern, const gchar *tag, gboolean set)
{
LogMessage *msg = log_msg_new_empty();
gboolean found, result;
PDBInput input;
log_msg_set_value(msg, LM_V_MESSAGE, pattern, strlen(pattern));
log_msg_set_value(msg, LM_V_PROGRAM, "prog2", 5);
log_msg_set_value(msg, LM_V_HOST, MYHOST, strlen(MYHOST));
log_msg_set_value(msg, LM_V_PID, MYPID, strlen(MYPID));
result = pattern_db_process(patterndb, PDB_INPUT_WRAP_MESSAGE(&input, msg));
found = log_msg_is_tag_by_name(msg, tag);
if (set ^ found)
test_fail("Tag '%s' is %sset for pattern '%s' (%d)\n", tag, found ? "" : "not ", pattern, !!result);
log_msg_unref(msg);
test_clean_state();
}
static void
log_rewrite_set_process(LogRewrite *s, LogMessage *msg)
{
LogRewriteSet *self = (LogRewriteSet *) s;
GString *result;
result = g_string_sized_new(64);
log_template_format(self->value_template, msg, NULL, LTZ_LOCAL, 0, result);
log_msg_set_value(msg, self->super.value_handle, result->str, result->len);
g_string_free(result, TRUE);
}
static void
log_rewrite_set_process(LogRewrite *s, LogMessage **pmsg, const LogPathOptions *path_options)
{
LogRewriteSet *self = (LogRewriteSet *) s;
GString *result;
result = g_string_sized_new(64);
log_template_format(self->value_template, *pmsg, NULL, LTZ_LOCAL, 0, NULL, result);
log_msg_make_writable(pmsg, path_options);
log_msg_set_value(*pmsg, self->super.value_handle, result->str, result->len);
g_string_free(result, TRUE);
}
static void
affile_sd_queue(LogPipe *s, LogMessage *msg, const LogPathOptions *path_options)
{
AFFileSourceDriver *self = (AFFileSourceDriver *) s;
static NVHandle filename_handle = 0;
if (!filename_handle)
filename_handle = log_msg_get_value_handle("FILE_NAME");
log_msg_set_value(msg, filename_handle, self->filename->str, self->filename->len);
log_pipe_forward_msg(s, msg, path_options);
}
static void
affile_sd_queue(LogPipe *s, LogMessage *msg, const LogPathOptions *path_options, gpointer user_data)
{
AFFileSourceDriver *self = (AFFileSourceDriver *) s;
static NVHandle filename_handle = 0;
if (!filename_handle)
filename_handle = log_msg_get_value_handle("FILE_NAME");
log_msg_set_value(msg, filename_handle, self->filename->str, self->filename->len);
log_src_driver_queue_method(s, msg, path_options, user_data);
}
static void
log_source_group_queue(LogPipe *s, LogMessage *msg, const LogPathOptions *path_options)
{
LogSourceGroup *self = (LogSourceGroup *) s;
GlobalConfig *cfg = log_pipe_get_config(s);
log_msg_set_value(msg, LM_V_SOURCE, self->name, self->name_len);
if (msg->flags & LF_LOCAL)
afinter_postpone_mark(cfg->mark_freq);
log_pipe_queue(self->super.pipe_next, msg, path_options);
(*self->processed_messages)++;
}
int
testcase_replace(const gchar *log, const gchar *re, gchar *replacement, const gchar *expected_result, const gint matcher_flags, LogMatcher *m)
{
LogMessage *msg;
LogTemplate *r;
gchar *result;
gssize length;
gchar buf[1024];
gssize msglen;
NVHandle nonasciiz = log_msg_get_value_handle("NON-ASCIIZ");
const gchar *value;
GSockAddr *sa;
sa = g_sockaddr_inet_new("10.10.10.10", 1010);
msg = log_msg_new(log, strlen(log), sa, &parse_options);
g_sockaddr_unref(sa);
/* NOTE: we test how our matchers cope with non-zero terminated values. We don't change message_len, only the value */
g_snprintf(buf, sizeof(buf), "%sAAAAAAAAAAAA", log_msg_get_value(msg, LM_V_MESSAGE, &msglen));
log_msg_set_value(msg, log_msg_get_value_handle("MESSAGE2"), buf, -1);
/* add a non-zero terminated indirect value which contains the whole message */
log_msg_set_value_indirect(msg, nonasciiz, log_msg_get_value_handle("MESSAGE2"), 0, 0, msglen);
log_matcher_set_flags(m, matcher_flags);
log_matcher_compile(m, re);
r = log_template_new(configuration, NULL);
log_template_compile(r, replacement, NULL);
NVTable *nv_table = nv_table_ref(msg->payload);
value = log_msg_get_value(msg, nonasciiz, &msglen);
result = log_matcher_replace(m, msg, nonasciiz, value, msglen, r, &length);
value = log_msg_get_value(msg, nonasciiz, &msglen);
nv_table_unref(nv_table);
if (strncmp(result ? result : value, expected_result, result ? length : msglen) != 0)
{
fprintf(stderr, "Testcase failure. pattern=%s, result=%.*s, expected=%s\n", re, (gint) length, result ? result : value, expected_result);
exit(1);
}
g_free(result);
log_template_unref(r);
log_matcher_unref(m);
log_msg_unref(msg);
return 0;
}
