From: Juliana Fajardini Date: Tue, 10 Jan 2023 22:14:08 +0000 (-0300) Subject: userguide/config: update log format symbols list X-Git-Tag: suricata-7.0.0-rc1~76 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=918bd7435c5741181db4bc00e2c474b7e2b1a1eb;p=thirdparty%2Fsuricata.git userguide/config: update log format symbols list There were some possible format options missing after the recent changes in the log format. --- diff --git a/doc/userguide/configuration/suricata-yaml.rst b/doc/userguide/configuration/suricata-yaml.rst index db8c393060..84b953f564 100644 --- a/doc/userguide/configuration/suricata-yaml.rst +++ b/doc/userguide/configuration/suricata-yaml.rst @@ -1849,7 +1849,7 @@ will be displayed. This option is the so called format string:: default-log-format: "[%i] %t - (%f:%l) <%d> (%n) -- " -The % followed by a character, has a special meaning. There are eight +The % followed by a character has a special meaning. There are thirteen specified signs: :: @@ -1860,11 +1860,16 @@ specified signs: i: Thread ID. ID of individual threads. m: Thread module name. (Outputs, Detect etc.) d: Log-level of specific log-event. (Error, info, debug etc.) + D: Compact log format (E for Error, i for info etc.) + S: Subsystem name. + T: Thread name. + M: Log message body. f: Filename. Name of C-file (source code) where log-event is generated. l: Line-number within the filename, where the log-event is generated in the source-code. n: Function-name in the C-code (source code). -The last three, f, l and n are mainly convenient for developers. + +The last three options, f, l and n, are mainly convenient for developers. The log-format can be overridden in the command line by the environment variable: SC_LOG_FORMAT
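Review bot: In the first hunk the count goes from "eight" to "thirteen", but the second hunk only adds four entries (D, S, T, M), so the new total should be twelve unless the old "eight" was already stale; please recount the literal block after this paragraph before merging. Hard-coding the number invites exactly this drift, so consider rewording the sentence to something like "The following signs are specified:" and letting the list speak for itself.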
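Review bot: In the second hunk the new `D:` entry is described as "Compact log format", yet its parenthetical ("E for Error, i for info etc.") shows it is the single-letter form of the log-level that `%d` prints in full, not a whole format; "Compact log-level (E for Error, i for info etc.)" would match the neighbouring `d:` wording and avoid confusing readers with the `default-log-format` setting introduced just above. Placing the four new options between `d` and `f` keeps the closing sentence about "the last three options, f, l and n" accurate, which is good; the extra blank line added before that sentence is harmless in RST but not needed.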