Archives/lnav
2
0
Fork 0
mirror of https://github.com/tstack/lnav synced 2024-11-01 21:40:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

[formats] more vmw format updates

Browse Source
This commit is contained in:
Timothy Stack 2022-06-06 21:23:33 -07:00
parent d54f21d7a5
commit 9dbbec832c
7 changed files with 95 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/formats/formats.am
View File

@ -2,7 +2,6 @@
FORMAT_FILES = \
$(srcdir)/%reldir%/access_log.json \
$(srcdir)/%reldir%/alb_log.json \
$(srcdir)/%reldir%/autodeploy_log.json \
$(srcdir)/%reldir%/block_log.json \
$(srcdir)/%reldir%/candlepin_log.json \
$(srcdir)/%reldir%/choose_repo_log.json \
@ -38,5 +37,6 @@ FORMAT_FILES = \
$(srcdir)/%reldir%/vmk_log.json \
$(srcdir)/%reldir%/vmw_log.json \
$(srcdir)/%reldir%/vmw_vc_svc_log.json \
$(srcdir)/%reldir%/vmw_py_log.json \
$(srcdir)/%reldir%/xmlrpc_log.json \
$()

89
src/formats/java_log.json
View File

@ -6,16 +6,41 @@
"url": "",
"regex": {
"jvm": {
"pattern": "^(?<alert_level>\\w+)\\s+\\|\\s+jvm (?<jvm_no>\\d+)\\s+\\|\\s(?<timestamp>\\d{4}/\\d{2}/\\d{2} \\d{2}:\\d{2}:\\d{2})\\s+\\| (?<timestamp_f>\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2},\\d{3}) \\[(?<function>\\w+-\\d+)\\]\\s+(?<debug_level>\\w+)\\s+(?<class>[\\w.]+)\\s+-\\s+(?<body>.*)"
"pattern": "^(?<level>\\w+)\\s+\\|\\s+jvm (?<jvm_no>\\d+)\\s+\\|\\s(?<timestamp>\\d{4}/\\d{2}/\\d{2} \\d{2}:\\d{2}:\\d{2})\\s+\\| (?<timestamp_f>\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2},\\d{3}) \\[(?<function>\\w+-\\d+)\\]\\s+(?<debug_level>\\w+)\\s+(?<class>[\\w.]+)\\s+-\\s+(?<body>.*)"
},
"dump": {
"pattern": "^(?<alert_level>\\w+)\\s+\\|\\s+jvm (?<jvm_no>\\d+)\\s+\\|\\s(?<timestamp>\\d{4}/\\d{2}/\\d{2} \\d{2}:\\d{2}:\\d{2})\\s+\\| JVMDUMP\\w+\\s(?<body>.*)$"
"pattern": "^(?<level>\\w+)\\s+\\|\\s+jvm (?<jvm_no>\\d+)\\s+\\|\\s(?<timestamp>\\d{4}/\\d{2}/\\d{2} \\d{2}:\\d{2}:\\d{2})\\s+\\| JVMDUMP\\w+\\s(?<body>.*)$"
},
"tasko": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2},\\d{3}) \\[(?<function>\\w+-\\d+)\\]\\s+(?<alert_level>\\w+)\\s+(?<class>[\\w.]+)\\s+-\\s+(?<body>.*)$"
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+\\[(?<thread>[\\w\\-\\.]+)\\]\\s+(?<level>ERROR|WARN|INFO|DEBUG)\\s+(?<class>[\\w.]+)\\s+(-\\s+)?(?<body>.*)$"
},
"prefix-brackets": {
"pattern": "^\\[(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+(?<thread>[\\w\\-\\.]+)\\s+(?<level>ERROR|WARN|INFO|DEBUG)\\s+(?<class>[\\w.]+)(?:\\s+opId=(?<opid>[^\\]]*))?\\]\\s*(-\\s+)?(?<body>.*)$"
},
"in-brackets": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+\\[(?<thread>[\\w\\-\\.]+)(?:\\s+\\[\\])?\\s+(?<level>ERROR|WARN|INFO|DEBUG)\\s+(?<class>[\\w.]+)(?:\\s+opId=(?<opid>[^\\]]*))?\\]\\s*(-\\s+)?(?<body>.*)$"
},
"nobrackets": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+(?<thread>[\\w\\-\\.]+)\\s+(?<level>ERROR|WARN|INFO|DEBUG)\\s+(?<class>[\\w.]+)\\s+(-\\s+)?(?<body>.*)$"
},
"vmw1": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s*\\|\\s*(?<level>ERROR|WARN|INFO|DEBUG)\\s*\\|\\s*(?<thread>[^\\|]+)\\s*\\|\\s*(?<srcfile>[^\\|]+)\\s*\\|\\s*(?<srcline>\\d+)\\s*\\|\\s*(?<body>.*)$"
},
"vmw2": {
"pattern": "^\\[(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\]\\s*(?<level>ERROR|WARN|INFO|DEBUG)\\s*\\d+\\[(?<thread>[^\\]]+)\\]\\s+-\\s+(?<class>[^\\(]+)\\.(?<method>\\w+)\\((?<srcfile>[^:]+):(?<srcline>\\d+)\\)\\s+-\\s+(?<body>.*)$"
},
"vmw3": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s*\\|\\s*(?<level>ERROR|WARN|INFO|DEBUG)\\s*\\|\\s*(?<thread>[^\\|]+)\\s*\\|\\s*(?<class>[^\\|]+)\\s*\\|\\s*(?<body>.*)$"
},
"vmw-sso": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+(?<level>ERROR|WARN|INFO|DEBUG)\\s+\\w+\\[\\d+:(?<thread>[^\\]]+)\\]\\s+\\[CorId=(?<corid>[^\\s]*)(?:\\s+OpId=(?<opid>[^\\]]*))?\\]\\s+\\[(?<class>[^\\]]+)\\]\\s+(?<body>.*)$"
},
"vmw-sps": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}( |T)\\d{2}:\\d{2}:\\d{2}(,|\\.)\\d{3}Z?)\\s+\\[(?<thread>[^\\]]+)\\]\\s+(?<level>ERROR|WARN|INFO|DEBUG)\\s+opId=(?<opid>\\S*)\\s+(?<class>\\S+)\\s+-\\s+(?<body>.*)$"
}
},
"level-field": "alert_level",
"level-field": "level",
"opid-field": "opid",
"level": {
"error": "ERROR",
"warning": "WARN",
@ -27,7 +52,11 @@
"kind": "string",
"identifier": true
},
"alert_level": {
"thread": {
"kind": "string",
"identifier": true
},
"level": {
"kind": "string"
},
"jvm_no": {
@ -36,8 +65,29 @@
"debug_level": {
"kind": "string"
},
"opid": {
"kind": "string",
"identifier": true
},
"corid": {
"kind": "string",
"identifier": true
},
"class": {
"kind": "string"
"kind": "string",
"identifier": true
},
"method": {
"kind": "string",
"identifier": true
},
"srcfile": {
"kind": "string",
"identifier": true
},
"srcline": {
"kind": "string",
"identifier": true
},
"body": {
"kind": "string"
@ -55,6 +105,33 @@
},
{
"line": "INFO | jvm 1 | 2015/05/24 07:35:50 | JVMDUMP013I Processed dump event \"user\", detail \"\"."
},
{
"line": "2022-06-02T12:12:38.414Z phProdLogDrainerTaskExecutor-5 INFO org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi Initializing with trust store at path: /usr/java/jre-vmware/lib/security/cacerts"
},
{
"line": "2022-06-02T12:23:11.514Z | INFO | vim-async-1 | VcEventManager.java | 806 | [EventIndex: 2154] Event posted."
},
{
"line": "2022-06-02T12:23:44.971Z [syncaas-grpc-5 INFO com.vmware.hvc.topology.util.LookupServiceUtil opId=] Local Node id is 9c66ff98-3fee-420c-a2bb-dbe2276c1aab"
},
{
"line": "[2022-06-02T10:45:15.969Z tomcat-http--188 ERROR com.vmware.vim.vmomi.server.http.impl.AsyncServlet30Template] Internal server error during asynchronous request processing"
},
{
"line": "[2022-06-01T13:37:36,371] WARN574240[Thread-35] - com.vmware.observability.observer.Observer.execute(Observer.java:384) - No metric configured for observation from source LimitCollectorPlugin.limit"
},
{
"line": "2022-06-02T12:23:44.070Z INFO tokenservice[83:tomcat-http--36] [CorId=95c59584-4472-4f7c-ad9e-f228b94d9b45 OpId=16205349-254c-4f76-a7f1-aa15aae385c5] [com.vmware.vcenter.tokenservice.ExchangeFacadeImpl] Parsed Caller token; tokenType=SAML2"
},
{
"line": "2022-06-01T13:43:59.791Z [main [] INFO com.vmware.vcenter.trustmanagement.service.TrustManagement opId=] trustmanagement-vlsi.xml"
},
{
"line": "2022-06-02T08:34:01.203Z | INFO | state-manager1 | org.eclipse.jetty.server.session | DefaultSessionIdManager workerName=node0"
},
{
"line": "2022-06-02T11:26:26.803Z [pool-26-thread-1] INFO opId=sps-Main-158837-921 com.vmware.vim.storage.common.util.OperationIdUtil - OperationID present in invoker thread, adding suffix and re-using it - sps-Main-158837-921-169186-507."
}
]
}

2
src/formats/syslog_log.json
View File

@ -6,7 +6,7 @@
"url": "http://en.wikipedia.org/wiki/Syslog",
"regex": {
"std": {
"pattern": "^(?<timestamp>(?:\\S{3,8}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2}|\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?Z))(?: (?<log_hostname>[a-zA-Z0-9:][^ ]+[a-zA-Z0-9]))?(?:(?: (?<log_syslog_tag>(?<log_procname>(?:[^\\[:]+|[^:]+))(?:\\[(?<log_pid>\\d+)\\])?):\\s*(?<body>.*))$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"
"pattern": "^(?<timestamp>(?:\\S{3,8}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2}|\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3,6})?(?:Z|(?:\\+|-)\\d{2}:\\d{2})))(?: (?<log_hostname>[a-zA-Z0-9:][^ ]+[a-zA-Z0-9]))?(?: \\[CLOUDINIT\\])?(?:(?: (?<log_syslog_tag>(?<log_procname>(?:[^\\[: ]+|[^ :]+))(?:\\[(?<log_pid>\\d+)\\])?):\\s*(?<body>.*))$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"
},
"rfc5424": {
"pattern": "^<(?<log_pri>\\d+)>(?<syslog_version>\\d+) (?<timestamp>\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{6})?(?:[^ ]+)?) (?<log_hostname>[^ ]+|-) (?<log_syslog_tag>(?<log_procname>[^ ]+|-) (?<log_pid>[^ ]+|-) (?<log_msgid>[^ ]+|-)) (?<log_struct>\\[(?:[^\\]\"]|\"(?:\\.|[^\"])+\")*\\]|-|)\\s+(?<body>.*)"

11
src/formats/autodeploy_log.json → src/formats/vmw_py_log.json
View File

@ -1,12 +1,12 @@
{
"$schema": "https://lnav.org/schemas/format-v1.schema.json",
"autodeploy_log": {
"title": "VMware vSphere Auto Deploy log format",
"description": "The log format for the VMware Auto Deploy service",
"vmw_py_log": {
"title": "VMware vSphere log format",
"description": "The log format for some VMware vSphere services",
"url": "http://kb.vmware.com/kb/2000988",
"regex": {
"std": {
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?) \\[(?<pid>\\d+)\\](?<level>\\w+):(?<module>[\\w-]+):(?<body>.*$)"
"pattern": "^(?<timestamp>\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?(?: (?:AM|PM) UTC)?) \\[(?<pid>\\d+)\\](?<level>ERROR|WARNING|INFO|DEBUG):(?<module>[\\w\\-\\.]+):(?<body>.*$)"
}
},
"level-field": "level",
@ -33,6 +33,9 @@
"sample": [
{
"line": "2015-04-24T21:09:29.296 [25376]INFO:somemodule:Something very INFOrmative."
},
{
"line": "2022-06-01T13:23:25.515 [2376]DEBUG:vmware.vherd.base.detwist:method = com.vmware.appliance.version1.networking.interfaces.list, args = ()"
}
]
}

2
src/logfile_sub_source.cc
View File

@ -2124,7 +2124,7 @@ logfile_sub_source::text_crumbs_for_line(int line,
format->annotate(file_line_number, sbr, sa, values);
auto opid_opt = get_string_attr(sa, logline::L_OPID);
if (opid_opt) {
if (opid_opt && !opid_opt.value().saw_string_attr->sa_range.empty()) {
const auto& opid_range = opid_opt.value().saw_string_attr->sa_range;
const auto opid_str
= sbr.to_string_fragment(opid_range.lr_start, opid_range.length())

4
src/regex101.import.cc
View File

@ -209,9 +209,7 @@ regex101::import(const std::string& url,
named_iter != regex.named_end();
++named_iter)
{
if (strcmp(named_iter->pnc_name, "level") == 0
|| strcmp(named_iter->pnc_name, "body") == 0)
{
if (strcmp(named_iter->pnc_name, "body") == 0) {
// don't need to add this as a value
continue;
}

1
src/time_formats.am
View File

@ -34,6 +34,7 @@ TIME_FORMATS = \
"%b %d %k:%M:%S" \
"%b %d %l:%M:%S" \
"%b %e, %Y %l:%M:%S %p" \
"%b %d, %Y %l:%M:%S %p" \
"%m/%d/%y %H:%M:%S" \
"%m/%d/%Y %I:%M:%S:%L %p %Z" \
"%m/%d/%Y %I:%M:%S %p %Z" \