lnav/test/textfile_json_long.0
2024-06-11 23:00:41 -07:00

2 lines
3.0 KiB
Plaintext

{"$schema":"https://lnav.org/schemas/format-v1.schema.json","syslog_log":{"title":"Syslog","description":"The system logger format found on most posix systems.","url":"http://en.wikipedia.org/wiki/Syslog","regex":{"std":{"pattern":"^(?<timestamp>(?:\\S{3,8}\\s+\\d{1,2} \\d{2}:\\d{2}:\\d{2}|\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3,6})?(?:Z|(?:\\+|-)\\d{2}:\\d{2})))(?: (?<log_hostname>[a-zA-Z0-9:][^ ]+[a-zA-Z0-9]))?(?: \\[CLOUDINIT\\])?(?:(?: syslogd [\\d\\.]+|(?: (?<log_syslog_tag>(?<log_procname>(?:[^\\[: ]+|[^ :]+))(?:\\[(?<log_pid>\\d+)\\](?: \\([^\\)]+\\))?)?))):\\s*(?<body>.*)$|:?(?:(?: ---)? last message repeated \\d+ times?(?: ---)?))"},"rfc5424":{"pattern":"^<(?<log_pri>\\d+)>(?<syslog_version>\\d+) (?<timestamp>\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{6})?(?:[^ ]+)?) (?<log_hostname>[^ ]+|-) (?<log_syslog_tag>(?<log_procname>[^ ]+|-) (?<log_pid>[^ ]+|-) (?<log_msgid>[^ ]+|-)) (?<log_struct>\\[(?:[^\\]\"]|\"(?:\\.|[^\"])+\")*\\]|-|)\\s+(?<body>.*)"}},"level-field":"body","level":{"error":"(?:(?:(?<![a-zA-Z]))(?:(?i)error(?:s)?)(?:(?![a-zA-Z]))|failed|failure)","warning":"(?:(?:(?i)warn)|not responding|init: cannot execute)"},"opid-field":"log_syslog_tag","multiline":true,"module-field":"log_procname","value":{"log_pri":{"kind":"integer","foreign-key":true,"description":"The priority level of the message"},"syslog_version":{"kind":"integer","foreign-key":true,"description":"The version of the syslog format used for this message"},"log_hostname":{"kind":"string","collate":"ipaddress","identifier":true,"description":"The name of the host that generated the message"},"log_procname":{"kind":"string","identifier":true,"description":"The name of the process that generated the message"},"log_pid":{"kind":"string","identifier":true,"action-list":["dump_pid"],"description":"The ID of the process that generated the message"},"log_syslog_tag":{"kind":"string","identifier":true,"description":"The combination of the procname and pid"},"log_msgid":{"kind":"string","identifier":true},"log_struct":{"kind":"struct"}},"action":{"dump_pid":{"label":"Show Process Info","capture-output":true,"cmd":["dump-pid.sh"]}},"sample":[{"line":"Apr 28 04:02:03 tstack-centos5 syslogd 1.4.1: restart."},{"line":"Jun 27 01:47:20 Tims-MacBook-Air.local configd[17]: network changed: v4(en0-:192.168.1.8) DNS- Proxy- SMB"},{"line":"Jun 20 17:26:13 ip-10-188-149-5 [CLOUDINIT] util.py[DEBUG]: Restoring selinux mode for /var/lib/cloud (recursive=False)"},{"line":"<46>1 2017-04-27T07:50:47.381967+02:00 logserver rsyslogd - - [origin software=\"rsyslogd\" swVersion=\"8.4.2\" x-pid=\"900\" x-info=\"http://www.rsyslog.com\"] start"},{"line":"<30>1 2017-04-27T07:59:12+02:00 nextcloud dhclient - - - DHCPREQUEST on eth0 to 192.168.1.1 port 67"},{"line":"<78>1 2017-04-27T08:09:01+02:00 nextcloud CRON 1472 - - (root) CMD ( [ -x /usr/lib/php5/sessionclean ] && /usr/lib/php5/sessionclean)"},{"line":"Aug 1 00:00:03 Tim-Stacks-iMac com.apple.xpc.launchd[1] (com.apple.mdworker.shared.0C000000-0700-0000-0000-000000000000[50989]): Service exited due to SIGKILL | sent by mds[198]"}]}}