static void test_skip(void (*setup)(void)) { char t[] = "/tmp/journal-skip-XXXXXX"; sd_journal *j; int r; assert_se(mkdtemp(t)); assert_se(chdir(t) >= 0); setup(); /* Seek to head, iterate down. */ assert_ret(sd_journal_open_directory(&j, t, 0)); assert_ret(sd_journal_seek_head(j)); assert_ret(sd_journal_next(j)); test_check_numbers_down(j, 4); sd_journal_close(j); /* Seek to tail, iterate up. */ assert_ret(sd_journal_open_directory(&j, t, 0)); assert_ret(sd_journal_seek_tail(j)); assert_ret(sd_journal_previous(j)); test_check_numbers_up(j, 4); sd_journal_close(j); /* Seek to tail, skip to head, iterate down. */ assert_ret(sd_journal_open_directory(&j, t, 0)); assert_ret(sd_journal_seek_tail(j)); assert_ret(r = sd_journal_previous_skip(j, 4)); assert_se(r == 4); test_check_numbers_down(j, 4); sd_journal_close(j); /* Seek to head, skip to tail, iterate up. */ assert_ret(sd_journal_open_directory(&j, t, 0)); assert_ret(sd_journal_seek_head(j)); assert_ret(r = sd_journal_next_skip(j, 4)); assert_se(r == 4); test_check_numbers_up(j, 4); sd_journal_close(j); log_info("Done..."); if (arg_keep) log_info("Not removing %s", t); else { journal_directory_vacuum(".", 3000000, 0, 0, NULL); assert_se(rm_rf_dangerous(t, false, true, false) >= 0); } puts("------------------------------------------------------------"); }
static int journal_seek_tail (lua_State *L) { sd_journal *j = check_journal(L, 1); int err = sd_journal_seek_tail(j); if (err != 0) return handle_error(L, -err); lua_pushboolean(L, 1); return 1; }
int main(int argc, char** argv){ int r; char* end; sd_journal *j; riemann_client_t *c; riemann_message_t *req, *res; riemann_event_t *event; int after_wait = 0; r = sd_journal_open(&j, 0); assert(r == 0); if(argc != 3 && argc != 6){ fprintf(stderr,"usage: journal2riemann <host> <port> [<ca-file> <cert-file> <key-file>]\n"); fprintf(stderr,"example: journal2riemann 127.0.0.1 5555\n"); exit(1); } long port = strtol(argv[2],&end,10); if(argc >= 6){ c = riemann_client_create ( RIEMANN_CLIENT_TLS, argv[1], port, RIEMANN_CLIENT_OPTION_TLS_CA_FILE, argv[3], RIEMANN_CLIENT_OPTION_TLS_CERT_FILE, argv[4], RIEMANN_CLIENT_OPTION_TLS_KEY_FILE, argv[5], RIEMANN_CLIENT_OPTION_TLS_HANDSHAKE_TIMEOUT, 10000, RIEMANN_CLIENT_OPTION_NONE); }else{ c = riemann_client_create (RIEMANN_CLIENT_TCP, argv[1], port); } r = sd_journal_seek_tail(j); assert(r == 0); for (;;) { const void *field; size_t len; r = sd_journal_next(j); assert (r >= 0); if (r == 0) { // if no more log available, wait for new ones r = sd_journal_wait(j, (uint64_t) -1); assert (r >= 0); after_wait = 1; continue; } else if (!after_wait){ // skip all logs before the first wait continue; } event = riemann_event_create(RIEMANN_EVENT_FIELD_NONE); strncpy(servicename,"journal",8); SD_JOURNAL_FOREACH_DATA(j, field, len){ char* attr = ""; enum RiemannType type; void* val; int matched = NOMATCH; MATCH(F,RIEMANN_EVENT_FIELD_DESCRIPTION , STRING , "MESSAGE=") MATCH(A,"message_id" , STRING , "MESSAGE_ID=") MATCH(F,RIEMANN_EVENT_FIELD_STATE , STATE , "PRIORITY=") MATCH(F,MATCHNOTHING , STRING , "CODE_FILE=") MATCH(F,MATCHNOTHING , STRING , "CODE_LINE=") MATCH(F,MATCHNOTHING , STRING , "CODE_FUNC=") MATCH(F,MATCHNOTHING , STRING , "ERRNO=") MATCH(F,MATCHNOTHING , STRING , "SYSLOG_FACILITY=") MATCH(F,MATCHNOTHING , STRING , "SYSLOG_IDENTIFIER=") MATCH(F,MATCHNOTHING , STRING , "SYSLOG_PID=") MATCH(F,MATCHNOTHING , STRING , "_PID=") MATCH(F,MATCHNOTHING , STRING , "_UID=") MATCH(F,MATCHNOTHING , STRING , "_GID=") MATCH(F,MATCHNOTHING , STRING , "_COMM=") MATCH(F,MATCHNOTHING , STRING , "_EXE=") MATCH(A,"command_line" , STRING , "_CMDLINE=") MATCH(F,MATCHNOTHING , STRING , "_CAP_EFFECTIVE=") MATCH(F,MATCHNOTHING , STRING , "_AUDIT_SESSION=") MATCH(F,MATCHNOTHING , STRING , "_AUDIT_LOGINUID=") MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_CGROUP=") MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_SESSION=") MATCH(F,SERVICEPART , STRING , "_SYSTEMD_UNIT=") MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_USER_UNIT=") MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_OWNER_UID=") MATCH(F,MATCHNOTHING , STRING , "_SYSTEMD_SLICE=") MATCH(F,MATCHNOTHING , STRING , "_SELINUX_CONTEXT=") MATCH(F,RIEMANN_EVENT_FIELD_TIME , TIME , "_SOURCE_REALTIME_TIMESTAMP=") MATCH(F,MATCHNOTHING , STRING , "_BOOT_ID=") MATCH(F,MATCHNOTHING , STRING , "_MACHINE_ID=") MATCH(F,RIEMANN_EVENT_FIELD_HOST , STRING , "_HOSTNAME=") MATCH(F,MATCHNOTHING , STRING , "_TRANSPORT=") MATCH(F,MATCHNOTHING , STRING , "_KERNEL_DEVICE=") MATCH(F,MATCHNOTHING , STRING , "_KERNEL_SUBSYSTEM=") MATCH(F,MATCHNOTHING , STRING , "_UDEV_SYSNAME=") MATCH(F,MATCHNOTHING , STRING , "_UDEV_DEVNODE=") MATCH(F,MATCHNOTHING , STRING , "_UDEV_DEVLINK=") MATCH(F,MATCHNOTHING , STRING , "COREDUMP_UNIT=") MATCH(F,MATCHNOTHING , STRING , "COREDUMP_USER_UNIT=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_UID=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_GID=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_COMM=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_EXE=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_CMDLINE=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_AUDIT_SESSION=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_AUDIT_LOGINUID=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_CGROUP=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_SESSION=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_OWNER_UID=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_UNIT=") MATCH(F,MATCHNOTHING , STRING , "OBJECT_SYSTEMD_USER_UNIT=") MATCH(F,MATCHNOTHING , STRING , "__CURSOR=") MATCH(F,MATCHNOTHING , STRING , "__REALTIME_TIMESTAMP=") MATCH(F,MATCHNOTHING , STRING , "__MONOTONIC_TIMESTAMP=") if(matched != MATCHNOTHING && matched != NOMATCH){ memcpy(valuebuf,field,len); *(valuebuf+len) = 0; switch(type){ case STATE: val = (void*) states[atoi(valuebuf)]; break; case TIME: *(valuebuf+len-6) = 0; long t = strtol(valuebuf,&end,10); val = (int64_t) t; break; default: val = (void*) valuebuf; } switch(matched){ case ATTRIBUTE: riemann_event_string_attribute_add(event,attr,valuebuf); break; case TAG: riemann_event_tag_add(event,valuebuf); break; case SERVICEPART: if(len > 0){ strncat(servicename," ",2); strncat(servicename,valuebuf,len+1); } break; default: riemann_event_set(event,matched,val,RIEMANN_EVENT_FIELD_NONE); } } } riemann_event_set(event,RIEMANN_EVENT_FIELD_SERVICE,servicename,RIEMANN_EVENT_FIELD_NONE); req = riemann_message_create_with_events(event, NULL); res = riemann_communicate(c, req); if (!res) { fprintf (stderr, "Error communicating with Riemann: %s\n", strerror (errno)); exit (1); } if (res->error) { fprintf (stderr, "Error communicating with Riemann: %s\n", res->error); exit (1); } if (res->has_ok && !res->ok) { fprintf (stderr, "Error communicating with Riemann: %s\n", strerror (errno)); exit (1); } riemann_message_free(res); }
QStringList UnitModel::getLastJrnlEntries(QString unit) const { QString match1, match2; int r, jflags; QStringList reply; const void *data; size_t length; uint64_t time; sd_journal *journal; if (!userBus.isEmpty()) { match1 = QString("USER_UNIT=" + unit); jflags = (SD_JOURNAL_LOCAL_ONLY | SD_JOURNAL_CURRENT_USER); } else { match1 = QString("_SYSTEMD_UNIT=" + unit); match2 = QString("UNIT=" + unit); jflags = (SD_JOURNAL_LOCAL_ONLY | SD_JOURNAL_SYSTEM); } r = sd_journal_open(&journal, jflags); if (r != 0) { qDebug() << "Failed to open journal"; return reply; } sd_journal_flush_matches(journal); r = sd_journal_add_match(journal, match1.toUtf8(), 0); if (r != 0) return reply; if (!match2.isEmpty()) { sd_journal_add_disjunction(journal); r = sd_journal_add_match(journal, match2.toUtf8(), 0); if (r != 0) return reply; } r = sd_journal_seek_tail(journal); if (r != 0) return reply; // Fetch the last 5 entries for (int i = 0; i < 5; ++i) { r = sd_journal_previous(journal); if (r == 1) { QString line; // Get the date and time r = sd_journal_get_realtime_usec(journal, &time); if (r == 0) { QDateTime date; date.setMSecsSinceEpoch(time/1000); line.append(date.toString("yyyy.MM.dd hh:mm")); } // Color messages according to priority r = sd_journal_get_data(journal, "PRIORITY", &data, &length); if (r == 0) { int prio = QString::fromUtf8((const char *)data, length).section('=',1).toInt(); if (prio <= 3) line.append("<span style='color:tomato;'>"); else if (prio == 4) line.append("<span style='color:khaki;'>"); else line.append("<span style='color:palegreen;'>"); } // Get the message itself r = sd_journal_get_data(journal, "MESSAGE", &data, &length); if (r == 0) { line.append(": " + QString::fromUtf8((const char *)data, length).section('=',1) + "</span>"); if (line.length() > 195) line = QString(line.left(195) + "..." + "</span>"); reply << line; } } else // previous failed, no more entries return reply; } sd_journal_close(journal); return reply; }
void systemd_init(pmdaInterface *dp) { int sts; int journal_fd; dp->version.six.desc = systemd_desc; dp->version.six.fetch = systemd_fetch; dp->version.six.text = systemd_text; dp->version.six.attribute = systemd_contextAttributeCallBack; pmdaSetFetchCallBack(dp, systemd_fetchCallBack); pmdaSetEndContextCallBack(dp, systemd_end_contextCallBack); pmdaInit(dp, NULL, 0, metrictab, sizeof(metrictab)/sizeof(metrictab[0])); /* Initialize the systemd side. This is failure-tolerant. */ /* XXX: SD_JOURNAL_{LOCAL|RUNTIME|SYSTEM}_ONLY */ sts = sd_journal_open(& journald_context, 0); if (sts < 0) { __pmNotifyErr(LOG_ERR, "sd_journal_open failure: %s", strerror(-sts)); dp->status = sts; return; } sts = sd_journal_open(& journald_context_seeky, 0); if (sts < 0) { __pmNotifyErr(LOG_ERR, "sd_journal_open #2 failure: %s", strerror(-sts)); dp->status = sts; return; } sts = sd_journal_seek_tail(journald_context); if (sts < 0) { __pmNotifyErr(LOG_ERR, "sd_journal_seek_tail failure: %s", strerror(-sts)); } /* Work around RHBZ979487. */ sts = sd_journal_previous_skip(journald_context, 1); if (sts < 0) { __pmNotifyErr(LOG_ERR, "sd_journal_previous_skip failure: %s", strerror(-sts)); } /* Arrange to wake up for journal events. */ journal_fd = sd_journal_get_fd(journald_context); if (journal_fd < 0) { __pmNotifyErr(LOG_ERR, "sd_journal_get_fd failure: %s", strerror(-journal_fd)); /* NB: not a fatal error; the select() loop will still time out and periodically poll. This makes it ok for sd_journal_reliable_fd() to be 0. */ } else { FD_SET(journal_fd, &fds); if (journal_fd > maxfd) maxfd = journal_fd; } /* NB: One queue is used for both .records and .records_raw; they just use different decoder callbacks. */ queue_entries = pmdaEventNewQueue("systemd", maxmem); if (queue_entries < 0) __pmNotifyErr(LOG_ERR, "pmdaEventNewQueue failure: %s", pmErrStr(queue_entries)); }
int main(int argc, char *argv[]) { int r; sd_journal *j = NULL; unsigned line = 0; bool need_seek = false; sd_id128_t previous_boot_id; bool previous_boot_id_valid = false; bool have_pager; log_parse_environment(); log_open(); r = parse_argv(argc, argv); if (r <= 0) goto finish; if (arg_new_id128) { r = generate_new_id128(); goto finish; } #ifdef HAVE_ACL if (!arg_quiet && geteuid() != 0 && in_group("adm") <= 0) log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this message off."); #endif if (arg_directory) r = sd_journal_open_directory(&j, arg_directory, 0); else r = sd_journal_open(&j, arg_local ? SD_JOURNAL_LOCAL_ONLY : 0); if (r < 0) { log_error("Failed to open journal: %s", strerror(-r)); goto finish; } if (arg_print_header) { journal_print_header(j); r = 0; goto finish; } r = add_this_boot(j); if (r < 0) goto finish; r = add_matches(j, argv + optind); if (r < 0) goto finish; if (!arg_quiet) { usec_t start, end; char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX]; r = sd_journal_get_cutoff_realtime_usec(j, &start, &end); if (r < 0) { log_error("Failed to get cutoff: %s", strerror(-r)); goto finish; } if (r > 0) { if (arg_follow) printf("Logs begin at %s.\n", format_timestamp(start_buf, sizeof(start_buf), start)); else printf("Logs begin at %s, end at %s.\n", format_timestamp(start_buf, sizeof(start_buf), start), format_timestamp(end_buf, sizeof(end_buf), end)); } } if (arg_lines >= 0) { r = sd_journal_seek_tail(j); if (r < 0) { log_error("Failed to seek to tail: %s", strerror(-r)); goto finish; } r = sd_journal_previous_skip(j, arg_lines); } else { r = sd_journal_seek_head(j); if (r < 0) { log_error("Failed to seek to head: %s", strerror(-r)); goto finish; } r = sd_journal_next(j); } if (r < 0) { log_error("Failed to iterate through journal: %s", strerror(-r)); goto finish; } have_pager = !arg_no_pager && !arg_follow; if (have_pager) { columns(); pager_open(); } if (arg_output == OUTPUT_JSON) { fputc('[', stdout); fflush(stdout); } for (;;) { for (;;) { sd_id128_t boot_id; int flags = (arg_show_all*OUTPUT_SHOW_ALL | have_pager*OUTPUT_FULL_WIDTH); if (need_seek) { r = sd_journal_next(j); if (r < 0) { log_error("Failed to iterate through journal: %s", strerror(-r)); goto finish; } } if (r == 0) break; r = sd_journal_get_monotonic_usec(j, NULL, &boot_id); if (r >= 0) { if (previous_boot_id_valid && !sd_id128_equal(boot_id, previous_boot_id)) printf(ANSI_HIGHLIGHT_ON "----- Reboot -----" ANSI_HIGHLIGHT_OFF "\n"); previous_boot_id = boot_id; previous_boot_id_valid = true; } line ++; r = output_journal(j, arg_output, line, 0, flags); if (r < 0) goto finish; need_seek = true; } if (!arg_follow) break; r = sd_journal_wait(j, (uint64_t) -1); if (r < 0) { log_error("Couldn't wait for log event: %s", strerror(-r)); goto finish; } } if (arg_output == OUTPUT_JSON) fputs("\n]\n", stdout); finish: if (j) sd_journal_close(j); pager_close(); return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; }