Arduino Syslog Client Library: Unterschied zwischen den Versionen
Aus DL8RDS Wiki
Dl8rds (Diskussion | Beiträge) |
Dl8rds (Diskussion | Beiträge) |
||
| Zeile 1: | Zeile 1: | ||
| + | = Project Definition = | ||
| + | |||
We intend to upgrade our ATV relay DB0MHB in a way that it logs every event right on the second over the network to a syslog server. Since we are going to do this with an Arduino system, I understood that there is no such thing as a Syslog client library for Arduino. | We intend to upgrade our ATV relay DB0MHB in a way that it logs every event right on the second over the network to a syslog server. Since we are going to do this with an Arduino system, I understood that there is no such thing as a Syslog client library for Arduino. | ||
| Zeile 6: | Zeile 8: | ||
* http://code.google.com/p/ardusyslog/ | * http://code.google.com/p/ardusyslog/ | ||
| + | |||
| + | = Advance Tests = | ||
| + | |||
| + | == Understand the format of a Syslog message == | ||
| + | The format of a syslog message is defined in RFC5424. It is depicted as a transformational grammar: | ||
| + | |||
| + | SYSLOG-MSG = HEADER SP STRUCTURED-DATA [SP MSG] | ||
| + | |||
| + | HEADER = PRI VERSION SP TIMESTAMP SP HOSTNAME | ||
| + | SP APP-NAME SP PROCID SP MSGID | ||
| + | PRI = "<" PRIVAL ">" | ||
| + | PRIVAL = 1*3DIGIT ; range 0 .. 191 | ||
| + | VERSION = NONZERO-DIGIT 0*2DIGIT | ||
| + | HOSTNAME = NILVALUE / 1*255PRINTUSASCII | ||
| + | |||
| + | APP-NAME = NILVALUE / 1*48PRINTUSASCII | ||
| + | PROCID = NILVALUE / 1*128PRINTUSASCII | ||
| + | MSGID = NILVALUE / 1*32PRINTUSASCII | ||
| + | |||
| + | TIMESTAMP = NILVALUE / FULL-DATE "T" FULL-TIME | ||
| + | FULL-DATE = DATE-FULLYEAR "-" DATE-MONTH "-" DATE-MDAY | ||
| + | DATE-FULLYEAR = 4DIGIT | ||
| + | DATE-MONTH = 2DIGIT ; 01-12 | ||
| + | DATE-MDAY = 2DIGIT ; 01-28, 01-29, 01-30, 01-31 based on | ||
| + | ; month/year | ||
| + | FULL-TIME = PARTIAL-TIME TIME-OFFSET | ||
| + | PARTIAL-TIME = TIME-HOUR ":" TIME-MINUTE ":" TIME-SECOND | ||
| + | [TIME-SECFRAC] | ||
| + | TIME-HOUR = 2DIGIT ; 00-23 | ||
| + | TIME-MINUTE = 2DIGIT ; 00-59 | ||
| + | TIME-SECOND = 2DIGIT ; 00-59 | ||
| + | TIME-SECFRAC = "." 1*6DIGIT | ||
| + | TIME-OFFSET = "Z" / TIME-NUMOFFSET | ||
| + | TIME-NUMOFFSET = ("+" / "-") TIME-HOUR ":" TIME-MINUTE | ||
| + | STRUCTURED-DATA = NILVALUE / 1*SD-ELEMENT | ||
| + | SD-ELEMENT = "[" SD-ID *(SP SD-PARAM) "]" | ||
| + | SD-PARAM = PARAM-NAME "=" %d34 PARAM-VALUE %d34 | ||
| + | SD-ID = SD-NAME | ||
| + | PARAM-NAME = SD-NAME | ||
| + | PARAM-VALUE = UTF-8-STRING ; characters '"', '\' and | ||
| + | ; ']' MUST be escaped. | ||
| + | SD-NAME = 1*32PRINTUSASCII | ||
| + | ; except '=', SP, ']', %d34 (") | ||
| + | MSG = MSG-ANY / MSG-UTF8 | ||
| + | MSG-ANY = *OCTET ; not starting with BOM | ||
| + | MSG-UTF8 = BOM UTF-8-STRING | ||
| + | BOM = %xEF.BB.BF | ||
| + | UTF-8-STRING = *OCTET ; UTF-8 string as specified | ||
| + | ; in RFC 3629 | ||
| + | OCTET = %d00-255 | ||
| + | SP = %d32 | ||
| + | PRINTUSASCII = %d33-126 | ||
| + | NONZERO-DIGIT = %d49-57 | ||
| + | DIGIT = %d48 / NONZERO-DIGIT | ||
| + | NILVALUE = "-" | ||
| + | |||
| + | This grammar defines nonstructured as well as structured presentations. So very basically, the Syslog message consists of the following basic form: | ||
| + | |||
| + | <PRI> TIMESTAMP TAG MESSAGE | ||
| + | |||
| + | The PRI value is an integer number which calculates by the following metric: | ||
| + | |||
| + | 8 x (facility code) + (severity code) | ||
| + | |||
| + | where the individual codes are those: | ||
| + | |||
| + | Facilities: | ||
| + | 0 kernel messages | ||
| + | 1 user-level messages | ||
| + | 2 mail system | ||
| + | 3 system daemons | ||
| + | 4 security/authorization messages | ||
| + | 5 messages generated internally by syslogd | ||
| + | 6 line printer subsystem | ||
| + | 7 network news subsystem | ||
| + | 8 UUCP subsystem | ||
| + | 9 clock daemon | ||
| + | 10 security/authorization messages | ||
| + | 11 FTP daemon | ||
| + | 12 NTP subsystem | ||
| + | 13 log audit | ||
| + | 14 log alert | ||
| + | 15 clock daemon (note 2) | ||
| + | 16 local use 0 (local0) | ||
| + | 17 local use 1 (local1) | ||
| + | 18 local use 2 (local2) | ||
| + | 19 local use 3 (local3) | ||
| + | 20 local use 4 (local4) | ||
| + | 21 local use 5 (local5) | ||
| + | 22 local use 6 (local6) | ||
| + | 23 local use 7 (local7) | ||
| + | |||
| + | Severities: | ||
| + | 0 Emergency: system is unusable | ||
| + | 1 Alert: action must be taken immediately | ||
| + | 2 Critical: critical conditions | ||
| + | 3 Error: error conditions | ||
| + | 4 Warning: warning conditions | ||
| + | 5 Notice: normal but significant condition | ||
| + | 6 Informational: informational messages | ||
| + | 7 Debug: debug-level messages | ||
| + | |||
| + | The TIMESTAMP may be the NILVALUE if there is no time available. | ||
| + | |||
| + | == Enable my local Syslog daemon to receive log messages over the network == | ||
| + | |||
| + | Running a NATTY Ubuntu, I noticed that modern Ubuntu distros use Rainer Gerhards' '''rsyslog''' implementation. | ||
| + | |||
| + | It has a section in the config file /etc/rsyslog.conf which just needs to be uncommented: | ||
| + | |||
| + | # provides UDP syslog reception | ||
| + | $ModLoad imudp | ||
| + | $UDPServerRun 514 | ||
| + | |||
| + | Upon restarting the rsyslog service with the command '''service rsyslog restart''' you can check with '''netstat -tulpen''' if the service is listening on UDP port 514. | ||
| + | |||
| + | == Trace the logger command == | ||
Version vom 23. Juni 2011, 21:01 Uhr
Inhaltsverzeichnis
1 Project Definition
We intend to upgrade our ATV relay DB0MHB in a way that it logs every event right on the second over the network to a syslog server. Since we are going to do this with an Arduino system, I understood that there is no such thing as a Syslog client library for Arduino.
If something does not exist, you need to change that.
Please visit my Google Code site:
2 Advance Tests
2.1 Understand the format of a Syslog message
The format of a syslog message is defined in RFC5424. It is depicted as a transformational grammar:
SYSLOG-MSG = HEADER SP STRUCTURED-DATA [SP MSG]
HEADER = PRI VERSION SP TIMESTAMP SP HOSTNAME
SP APP-NAME SP PROCID SP MSGID
PRI = "<" PRIVAL ">"
PRIVAL = 1*3DIGIT ; range 0 .. 191
VERSION = NONZERO-DIGIT 0*2DIGIT
HOSTNAME = NILVALUE / 1*255PRINTUSASCII
APP-NAME = NILVALUE / 1*48PRINTUSASCII
PROCID = NILVALUE / 1*128PRINTUSASCII
MSGID = NILVALUE / 1*32PRINTUSASCII
TIMESTAMP = NILVALUE / FULL-DATE "T" FULL-TIME
FULL-DATE = DATE-FULLYEAR "-" DATE-MONTH "-" DATE-MDAY
DATE-FULLYEAR = 4DIGIT
DATE-MONTH = 2DIGIT ; 01-12
DATE-MDAY = 2DIGIT ; 01-28, 01-29, 01-30, 01-31 based on
; month/year
FULL-TIME = PARTIAL-TIME TIME-OFFSET
PARTIAL-TIME = TIME-HOUR ":" TIME-MINUTE ":" TIME-SECOND
[TIME-SECFRAC]
TIME-HOUR = 2DIGIT ; 00-23
TIME-MINUTE = 2DIGIT ; 00-59
TIME-SECOND = 2DIGIT ; 00-59
TIME-SECFRAC = "." 1*6DIGIT
TIME-OFFSET = "Z" / TIME-NUMOFFSET
TIME-NUMOFFSET = ("+" / "-") TIME-HOUR ":" TIME-MINUTE
STRUCTURED-DATA = NILVALUE / 1*SD-ELEMENT
SD-ELEMENT = "[" SD-ID *(SP SD-PARAM) "]"
SD-PARAM = PARAM-NAME "=" %d34 PARAM-VALUE %d34
SD-ID = SD-NAME
PARAM-NAME = SD-NAME
PARAM-VALUE = UTF-8-STRING ; characters '"', '\' and
; ']' MUST be escaped.
SD-NAME = 1*32PRINTUSASCII
; except '=', SP, ']', %d34 (")
MSG = MSG-ANY / MSG-UTF8
MSG-ANY = *OCTET ; not starting with BOM
MSG-UTF8 = BOM UTF-8-STRING
BOM = %xEF.BB.BF
UTF-8-STRING = *OCTET ; UTF-8 string as specified
; in RFC 3629
OCTET = %d00-255
SP = %d32
PRINTUSASCII = %d33-126
NONZERO-DIGIT = %d49-57
DIGIT = %d48 / NONZERO-DIGIT
NILVALUE = "-"
This grammar defines nonstructured as well as structured presentations. So very basically, the Syslog message consists of the following basic form:
<PRI> TIMESTAMP TAG MESSAGE
The PRI value is an integer number which calculates by the following metric:
8 x (facility code) + (severity code)
where the individual codes are those:
Facilities:
0 kernel messages
1 user-level messages
2 mail system
3 system daemons
4 security/authorization messages
5 messages generated internally by syslogd
6 line printer subsystem
7 network news subsystem
8 UUCP subsystem
9 clock daemon
10 security/authorization messages
11 FTP daemon
12 NTP subsystem
13 log audit
14 log alert
15 clock daemon (note 2)
16 local use 0 (local0)
17 local use 1 (local1)
18 local use 2 (local2)
19 local use 3 (local3)
20 local use 4 (local4)
21 local use 5 (local5)
22 local use 6 (local6)
23 local use 7 (local7)
Severities:
0 Emergency: system is unusable
1 Alert: action must be taken immediately
2 Critical: critical conditions
3 Error: error conditions
4 Warning: warning conditions
5 Notice: normal but significant condition
6 Informational: informational messages
7 Debug: debug-level messages
The TIMESTAMP may be the NILVALUE if there is no time available.
2.2 Enable my local Syslog daemon to receive log messages over the network
Running a NATTY Ubuntu, I noticed that modern Ubuntu distros use Rainer Gerhards' rsyslog implementation.
It has a section in the config file /etc/rsyslog.conf which just needs to be uncommented:
# provides UDP syslog reception $ModLoad imudp $UDPServerRun 514
Upon restarting the rsyslog service with the command service rsyslog restart you can check with netstat -tulpen if the service is listening on UDP port 514.
