XML Schema for Syslog related configuration
Top-level element for the syslogd-configuration.xml
configuration file.
The address on which Syslogd listens for SYSLOG Messages. The
default is to listen on all addresses.
The port on which Syslogd listens for SYSLOG Messages. The
standard port is 514.
Whether messages from devices unknown to OpenNMS should
generate newSuspect events.
The regular expression used to separate message and host.
The matching group for the host
The matching group for the message
A string which defines the class to use when parsing syslog messages.
The default is the "CustomSyslogParser", which honors the forwarding-regexp,
matching-group-host, and matching-group-message attributes, and can parse
most BSD-style Syslog messages, including Syslog-NG's default format.
Other options include "org.opennms.netmgt.syslogd.SyslogNGParser" which is a
slightly more strict version of the CustomSyslogParser, and
"org.opennms.netmgt.syslogd.Rfc5424SyslogParser" which can handle the recent
(2009) RFC for syslog messages.
A string which, when used as the value of a "uei"
element inside a "ueiMatch" element, results in all
matching messages to be discarded without an event
ever being created
Number of threads used for consuming/dispatching messages.
Defaults to 2 x the number of available processors.
Maximum number of messages to keep in memory while waiting
to be dispatched.
Messages are aggregated in batches before being dispatched.
When the batch reaches this size, it will be dispatched.
Messages are aggregated in batches before being dispatched.
When the batch has been created for longer than this interval (ms)
it will be dispatched, regardless of the current size.
time zone to use for log messages that doen't express a time zone. If none is given the
system's default time zone will be taken. See java.util.TimeZone.
Whether or not to include the raw syslog message as an event parameter in the event
generated by syslogd.
List of Strings to UEI matches
The name of a syslog facility. If present, the facility of
an incoming message must match one of the facilities named
by an instance of this tag within the ueiMatch.
The name of a syslog severity. If present, the severity of
an incoming message must match one of the severities named
by an instance of this tag within the ueiMatch.
String against which to match the process name; interpreted
as a regular expression. If no process name is present in
the incoming message, any process-match elements will be
considered non-matches.
The regular expression
String against which to match the hostname; interpreted
as a regular expression.
The regular expression
String against which to match the host IP address; interpreted
as a regular expression.
The regular expression
String against which to match the message body; interpreted
as a substring or a regular expression according to the
value of the "type" attribute
Whether to interpret this match string as a simple
substring or as a regular expression
The match expression
Whether to do the default mappings of matching-groups to
event parameters (group 1 -> group1, etc.) if this is a
regex match.
UEI
For regex matches, assign the value of a matching group
to a named event parameter
The number of the matching group from the regex
whose value will be assigned. Group 0 always refers
to the entire string matched by the expression. If
the referenced group does not exist, the empty string
will be assigned.
The name of the event parameter to which the named
matching group's value will be assigned
List of substrings or regexes that, when matched, signal
that the message has sensitive contents and should
therefore be hidden
The match expression
Whether to interpret this match string as a simple
substring or as a regular expression
The match expression