Changeset 666 for server/fedora


Ignore:
Timestamp:
Feb 25, 2008, 11:29:16 PM (17 years ago)
Author:
quentin
Message:
Change syslog zephyring to coalesce messages
File:
1 edited

Legend:

Unmodified
Added
Removed
  • server/fedora/config/etc/syslog-ng/d_zroot.pl

    r665 r666  
    44use warnings;
    55use Sys::Hostname;
     6use Time::HiRes qw(ualarm);
    67
    7 sub sendmsg($;$$) {
     8our $ZCLASS = "scripts-auto";
     9our @USERS = qw/root logview/;
     10
     11our %USERS;
     12@USERS{@USERS} = undef;
     13
     14sub zwrite($;$$) {
    815    my ($message, $class, $instance) = @_;
    9     $class ||= "scripts-auto";
     16    $class ||= $ZCLASS;
    1017    $instance ||= 'root.'.hostname;
    11     open(ZWRITE, "|-", qw|/usr/bin/zwrite -d -c|, $class, '-i', $instance, '-s', hostname) or die "Couldn't open zwrite";
     18    open(ZWRITE, "|-", qw|/usr/bin/zwrite -d -O log -c|, $class, '-i', $instance, '-s', hostname) or die "Couldn't open zwrite";
    1219    print ZWRITE $message;
    1320    close(ZWRITE);
    1421}
    1522
    16 my $last;
     23my %toclass;
    1724
    18 while (my $message = <>) {
    19     chomp $message;
    20     $message =~ s/^(.*?): //;
    21     if ($message =~ m|Accepted (\S+) for (\S+)|) {
    22         my $send = $message;
    23         if ($1 eq "gssapi-with-mic") {
    24             $send = $last."\n".$send;
     25while (1) {
     26    my @message = scalar(<>);
     27    eval {
     28        local $SIG{ALRM} = sub { die "alarm\n" }; # NB: \n required
     29        ualarm(500*1000);
     30        while (<>) { push @message, $_; }
     31    };
     32    chomp @message;
     33    map { s/^(.*?): // } @message;
     34    %toclass = ();
     35    foreach my $message (@message) {
     36        sub sendmsg ($;$) {
     37            my ($message, $class) = @_;
     38            $class ||= $ZCLASS;
     39            $toclass{$class} .= $message."\n";
    2540        }
    26         if ($2 eq "root" or $2 eq "logview") {
    27             sendmsg($send);
     41        if ($message =~ m|Accepted (\S+) for (\S+)|) {
     42            sendmsg($message) if exists $USERS{$2}
     43        } elsif ($message =~ m|Authorized to (\S+),|) {
     44            sendmsg($message) if exists $USERS{$1};
     45        } elsif ($message =~ m|Root (\S+) shell|) {
     46            sendmsg($message);
     47        } elsif ($message =~ m|session \S+ for user root\b|) {
     48            sendmsg($message);
     49        } elsif ($message =~ m|^Connection closed|) {
     50            # Do nothing
     51        } elsif ($message =~ m|^Invalid user|) {
     52        } elsif ($message =~ m|^input_userauth_request: invalid user|) {
     53        } elsif ($message =~ m|^Received disconnect from|) {
     54        } else {
     55            sendmsg($message, "scripts-spew");
    2856        }
    29     } elsif ($message =~ m|session \S+ for user root |) {
    30         sendmsg($message);
    3157    }
    3258
    33     $last = $message;
     59    foreach my $class (keys %toclass) {
     60        zwrite($toclass{$class}, $class);
     61    }
    3462}
Note: See TracChangeset for help on using the changeset viewer.