• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Syslog collection

 
Ranch Hand
Posts: 132
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am writing a syslog collector that listens to UDP port, based on rfc 3164. I should also b able to forward the syslog received to other collectors (that includes another instance of my program too). I have an issue in parsing the message received -
As per the rfc, any message like
<13>Jan 10 10:00:00 hostname message
is valid. If the timestamp and hostname tokens r not valid, i should b inserting them myself, so that when the message is forwarded to another program, that neednt make changes, and can read the hostname from the message content itself.

I am currently looking for a proper timestamp like above (in the message), and if not found i insert timestamp followed by hostname followed by whatever came as message.
This is fine as long as the message is not like this -
<13>Jan 10 10:00:00 message
or
<13>Jan 10 10:00:00 IST hostname message
What should i do in such a case, where the token occuring after timestamp is not the hostname but something else. how do i find it out? i dont think i can safely assume that if the timestamp is ok, the hostname will surely follow as the next token.
Please give me some idea.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic