Author: Rainer Gerhards

Yesterday’s rsyslog work log:
2008-02-19
– added professional support options to doc set (also somthing that
we need to have in order to be an alternative to syslog-ng)
– added doc on how expressions will work
– cleaned up the stringbuf Construct interface
– did some cleanup on stringbuf calls – we now have much better
interfaces and macros
– moved config file code to its own file
– finally made CONT_LINES in config the only standard support (the
code contained code for other case, which were never executed by
the preprocessor)
– some include file cleanup
– added ctok class (the config tokenizer)
– done stage work to begin implement tokenizer
– implemented initial tokenizer (stage work for expr parser)
– begun implementation of expression parsing logic
– implemented, simpstr, var, number in tokenizer
– implemented function in tokenizer

Yesterday’s rsyslog work log:
2008-02-18
– changed interface “printchopped()” so that it looks more like
a generic message submission interface. Part of the ongoing
modularization effort.
– bugfix: invalid kernel log format — see bug
http://bugzilla.adiscon.com/show_bug.cgi?id=1
– bugfix: fixed abort when invalid template was provided to an action
bug http://bugzilla.adiscon.com/show_bug.cgi?id=4
– applied patch from Michael Biebl to auto-detect new libdbi version
– bugfix: default port was not used on $UDPServerRun when none was
specified – http://bugzilla.adiscon.com/show_bug.cgi?id=6
– removed no longer necessary signal from threads
– changed debug output request signal to SIGUSR2 (as originally
intented), restored SIGUSR1 semantics
– documented at least a bit about the debug settings
– released 3.11.3

Past days’ rsyslog work log:
2008-02-14
– enhanced file monitor doc
– implemented $InputFilePollInterval config directive
– error handling and cleanup in imfile
– improved file polling algorithm for more rapid file data delivery
– some more cleanup
– moved decoding of syslog names to a more appropriate place
– added new facility and severity syntaxes to cfsysline handler
– implemented $InputFileFacility config directive
– implemented $InputFileSeverity config directive
– created a bare template for omlibdbi (dbi output action)
– created an initial version of omlibdbi (does not yet work)
2008-02-15
– did some more work on omlibdbi, but did not yet get libdbi working.
I guess its a compile problem, but have not found it so far.
– the libdbi problem was actually related to libdbi/distro packages;
fixed that by installing from source, now omlibdbi basically works
removed some debug code
– cleaned up omlibdbi – works now
– implemented $ActionLibdbiDriverDirectory config directive
– some cleanup
– doc improvements
2008-02-16
– patched libdbi to work better with plugins
– adopted omlibdbi to use new version of libdbi
– improved man page a bit for the novice user

Yesterday’s rsyslog work log:
2008-02-14
– enhanced file monitor doc
– implemented $InputFilePollInterval config directive
– error handling and cleanup in imfile
– improved file polling algorithm for more rapid file data delivery
– some more cleanup
– moved decoding of syslog names to a more appropriate place
– added new facility and severity syntaxes to cfsysline handler
– implemented $InputFileFacility config directive
– implemented $InputFileSeverity config directive
– created a bare template for omlibdbi (dbi output action)
– created an initial version of omlibdbi (does not yet work)

Yesterday’s rsyslog work log:
2008-02-13
– added some code to expr.c – not yet to be used
– cleaned up imfile.c
– changed interface of logmsg() to make it more straightforward
– introduced a new, more powerful, message submission interface
submitMsg() in additon to logmsg()
– a first, rough implementation of imfile that is able to read files
(but does not persist or handle rotation or whatever)
– removed some left-over unnecessary dbgprintf’s
– added ability to monitor file accross rotation
– fixed a race condition in DoDie() – cosmetic issue in debugging mode,
could not happen in production
– added the ability to persist current read location for the file
monitor
– some cleanup
– created initial doc for imfile plugin
– released a preview of 3.11.2 (with the file monitor)

Yesterday’s rsyslog work log:
2008-02-12
– still helped a bit with omsnmp
– applied patch from Michael Biebl that fixed my doc change from yesterday
which was somewhat incomplete
– fixed a bug in stringbuf.c related to STRINGBUF_TRIM_ALLOCSIZE, which
wasn’t supposed to be used with rsyslog. Put a warning message up that
tells this feature is not tested and probably not worth the effort.
Thanks to Anders Blomdell fro bringing this to our attention
– somewhat improved performance of rsCStr obj
– fixed bug that caused invalid treatment of tabs (HT) in rsyslog.conf
– released 2.0.2
– reduced volume of debug output
– bugfix: setting for $EscapeCopntrolCharactersOnReceive was not
properly initialized
– clarified usage of space-cc property replacer option
– bugfix: discard action and backup actions did not work due to
problem in direct queue mode. Now fixed. Tracker was
http://sourceforge.net/tracker/index.php?func=detail&aid=1886931&group_id=123448&atid=696552
– improved diagnostic information for abort cases
– some initial effort for malloc/free debugging support
– bugfix: using dynafile actions caused rsyslogd abort
– fixed man errors thanks to Michael Biebl
– released 3.11.1

I admit it is just a quick note, but I guess it tell a lot to those that are working in the protocol area:

In the long term, I’ll move the protocol stack to RFC3080/3081 (including RFC 3195) as the primary rsyslog-to-rsyslog mode. I thought hard about it, but it is the best choice to have a) plugins only loaded on demand but b) the ability to decide upon runtime on the highest level of features/confidentiality. With liblogging, I already made serious investment in that protocol suite. It still not a trivial thing to do it in the way I intend to (with profile plugins) and it will probably an at least 50% rewrite of the 3080/81 code, but I came to the conclusion it is worth it. I think you’ll like it when you see it in all its glory ;) But other things are currently more important…

If you don’t get the idea what this is all about, just forget it. Really… it’s not important to you then ;)

Yesterday’s rsyslog work log:
2008-02-11
– added x-info field to rsyslogd startup/shutdown message. Hopefully
points users to right location for further info (many don’t even know
they run rsyslog ;))
– bugfix: trailing “:” of tag was lost while parsing legacy syslog messages
without timestamp – thanks to Anders Blomdell for providing a patch!
– worked on integrating omsnmp