filter-syslog Change History

2.3 (2012-05-19)

Clarify the regular expression type in the documentation.

Lines changed: +9 -9

2.2 (2012-05-12)

Support the rsyslogd raw format and ISO 8601 timestamp format. Tighten the regex matching the default syslog format to avoid mis-matching lines in a different format.

Lines changed: +8 -6

2.1 (2012-02-14)

Clarify in the documentation that, in /regex/.../regex/ rules, the regexes are matched against the entire line, including the timestamp and program name.

Lines changed: +11 -9

2.0 (2011-12-26)

Update the copyright and license documentation section and call this release 2.0, given the range and Apache support.

Lines changed: +3 -3

1.25 (2011-12-26)

Add support for filtering Apache error logs. The timestamp and client IP are stripped out, and the "program" is apache followed by a dash and the log level.

Also make some tweaks to the documentation and add an example of filter ranges.

Lines changed: +55 -15

1.24 (2011-12-26)

Add support for filtering ranges. Currently, these both have to be raw regexes and the syntax requires they both be on the same line. Ranges whose end-point is not found before the end of the file or within 1000 lines will be reprocessed.

This required a significant restructuring of the code and a new state hash, with most of the work moved into a new sub.

Lines changed: +249 -125

1.23 (2010-01-02)

Add a third type of configuration line that specifies a regex to match against the entire syslog line, which can be used to filter out non-standard or malformatted lines (such as ones where the program contains whitespace).

Lines changed: +46 -14

1.22 (2009-12-08)

Support a regex that matches program names in addition to simple matches and * patterns. Use our instead of use vars. Fix reporting of sendmail's exit status.

Lines changed: +28 -11

1.21 (2008-12-21)

Expand the regex used to match the syslog version in restart messages. Ubuntu includes "ubuntu" in the version string, so the regex needs to match alphanumerics rather than just numbers.

Lines changed: +2 -2

1.20 (2007-04-13)

Remove trailing whitespace from syslog lines before matching them against regexes.

Lines changed: +16 -11

1.19 (2006-04-29)

Refactor the code to try a list of regexes when parsing syslog lines, and with that new structure deal with OpenBSD forwarded syslog messages. Do some appropriate reformatting of them if reporting them.

Broaden the special case for Linux syslogd startup messages slightly to catch some additional variations.

Lines changed: +44 -12

1.18 (2004-11-04)

Change the name of the file handle used for parsing configuration files and localize it so that recursive invocations to handle include directives don't clobber the parent file handles.

Lines changed: +6 -4

1.17 (2004-08-24)

Support including other config files or directories of config files in the config file. Search /etc and /etc/leland in that order for config files rather than just /etc/leland (in preparation for a Debian package). Look for a default config file named filter-syslog.conf if none is specified. Search for sendmail in /usr/sbin/sendmail and /usr/lib/sendmail rather than hard-coding the latter. Update to my current code for -v.

Lines changed: +94 -31

1.16 (2004-04-16)

Don't fully-qualify configuration file paths that start with "./".

Lines changed: +2 -2

1.15 (2004-04-02)

Fix a syntax error in the last change.

Lines changed: +2 -2

1.14 (2004-04-02)

Ignore some additional syslog restart patterns. Don't strip out duplicate program name prefixes to the log messages, since it just makes it harder to develop ignore rules.

Lines changed: +7 -5

1.13 (2003-09-12)

Ignore the Linux syslogd restart messages, which don't follow a standard format. Document that, as well as our skipping of -- MARK -- lines, and be clearer in the documentation that this is not a security tool. Document as a bug the imprecision of the regex that skips -- MARK -- lines.

Lines changed: +37 -5

1.12 (2003-04-14)

Change AUTHOR to AUTHORS now that there's more than one name listed.

Lines changed: +2 -2

1.11 (2003-04-14)

Add support for optionally including the hostname of the syslog line in the mailed output (for when syslogs from multiple hosts are being filtered at once). Patch from Steve Benson.

Lines changed: +16 -7

1.10 (2003-04-04)

Support a -n option to not send mail.

Lines changed: +30 -16

1.9 (2002-08-24)

Add a SEE ALSO section and note that the /etc/leland default can be changed by editing the beginning of the script.

Lines changed: +10 -2

1.8 (2002-05-16)

Filter out mark notices earlier.

Lines changed: +5 -5

1.7 (2002-05-10)

added documentation about hostnames in config files.

Lines changed: +3 -2

1.6 (2002-05-10)

Added the ability to substitute hostname into the reports.

Lines changed: +3 -1

1.5 (2002-05-10)

Ignore -- MARK -- lines.

Lines changed: +5 -1

1.4 (2002-04-20)

Add a note that relative config paths are relative to /etc/leland to the DESCRIPTION as well.

Lines changed: +4 -1

1.3 (2002-04-20)

Fix the owner of the copyright in the documentation.

Lines changed: +2 -2

1.2 (2002-04-20)

Add documentation and -h and -v options.

Lines changed: +151 -1

1.1 (2002-04-20)

Initial version.

Generated by cvs2xhtml 1.13 on 2014-08-10