]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c3950a9) | patch
journal: store the original syslog input as SYSLOG_RAW=
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Fri, 8 Jun 2018 11:52:22 +0000 (13:52 +0200)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Wed, 4 Jul 2018 16:18:04 +0000 (18:18 +0200)
commitdf8701a3f275aee7f898041285aeb24947c1e451
tree1cc4701dae2f442cdf02a047c637d22351b09d8ctree | snapshot
parentc3950a9bbe0d6f8ddd735a6f902281a3b2b4ca15commit | diff
journal: store the original syslog input as SYSLOG_RAW=

This allows the original stream to be recreated and/or verified. The new field
is written if any stripping was done or if the input message contained embeded
NULs.

$ printf '<13>Sep 15 15:07:58 HOST: x\0y' | nc -w1 -u -U /run/systemd/journal/dev-log

$ journalctl -o json-pretty ...
{
  ...
  "MESSAGE" : "x",
  "SYSLOG_RAW" : [ 60, 49, 51, 62, 83, 101, 112, 32, 49, 53, 32, 49, 53, 58, 48, 55, 58, 53, 56, 32, 72, 79, 83, 84, 58, 32, 120, 0, 121 ]
}

$ journalctl -o export ... | cat -v
...
MESSAGE=x
SYSLOG_RAW
^]^@^@^@^@^@^@^@<13>Sep 15 15:07:58 HOST: x^@y

This mostly fixes #4863.
man/systemd.journal-fields.xml diff | blob | blame | history
src/journal/journald-syslog.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.