diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-05-17 15:03:49 +0200 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-05-17 15:06:59 +0200 |
commit | 194da5ca5159597e4fac726db5cee104ec338213 (patch) | |
tree | 21bc34df18d152d7b37e8c424972dddfd5ed4470 /src/shared/logs-show.c | |
parent | a9009769de43b7f29d05017f4219e18c1e42a273 (diff) | |
download | systemd-194da5ca5159597e4fac726db5cee104ec338213.tar.gz |
shared/logs-show: show audit logs in blue
Audit logs always have _TRANSPORT=audit and no PRIORITY= field set. This means
that they are shown in the default foreground color. There can be quite a lot
of them, and they often repeat the same information that is already logged by
applications, leading to a "wall of text" effect. Let's mark them with a
different color. This splits the logs visually into "normal logs" and "audit
logs".
Diffstat (limited to 'src/shared/logs-show.c')
-rw-r--r-- | src/shared/logs-show.c | 25 |
1 files changed, 19 insertions, 6 deletions
diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c index bdde6c11e3..aa5bc5b4ed 100644 --- a/src/shared/logs-show.c +++ b/src/shared/logs-show.c @@ -154,6 +154,7 @@ static bool print_multiline( unsigned n_columns, OutputFlags flags, int priority, + bool audit, const char* message, size_t message_len, size_t highlight[2]) { @@ -163,9 +164,15 @@ static bool print_multiline( bool ellipsized = false; int line = 0; - if (flags & OUTPUT_COLOR) + if (flags & OUTPUT_COLOR) { get_log_colors(priority, &color_on, &color_off, &highlight_on); + if (audit && strempty(color_on)) { + color_on = ANSI_BLUE; + color_off = ANSI_NORMAL; + } + } + /* A special case: make sure that we print a newline when the message is empty. */ if (message_len == 0) @@ -368,15 +375,16 @@ static int output_short( const void *data; size_t length; size_t n = 0; - _cleanup_free_ char *hostname = NULL, *identifier = NULL, *comm = NULL, *pid = NULL, *fake_pid = NULL, *message = NULL, *realtime = NULL, *monotonic = NULL, *priority = NULL, *unit = NULL, *user_unit = NULL; - size_t hostname_len = 0, identifier_len = 0, comm_len = 0, pid_len = 0, fake_pid_len = 0, message_len = 0, realtime_len = 0, monotonic_len = 0, priority_len = 0, unit_len = 0, user_unit_len = 0; + _cleanup_free_ char *hostname = NULL, *identifier = NULL, *comm = NULL, *pid = NULL, *fake_pid = NULL, *message = NULL, *realtime = NULL, *monotonic = NULL, *priority = NULL, *transport = NULL, *unit = NULL, *user_unit = NULL; + size_t hostname_len = 0, identifier_len = 0, comm_len = 0, pid_len = 0, fake_pid_len = 0, message_len = 0, realtime_len = 0, monotonic_len = 0, priority_len = 0, transport_len = 0, unit_len = 0, user_unit_len = 0; int p = LOG_INFO; - bool ellipsized = false; + bool ellipsized = false, audit; const ParseFieldVec fields[] = { PARSE_FIELD_VEC_ENTRY("_PID=", &pid, &pid_len), PARSE_FIELD_VEC_ENTRY("_COMM=", &comm, &comm_len), PARSE_FIELD_VEC_ENTRY("MESSAGE=", &message, &message_len), PARSE_FIELD_VEC_ENTRY("PRIORITY=", &priority, &priority_len), + PARSE_FIELD_VEC_ENTRY("_TRANSPORT=", &transport, &transport_len), PARSE_FIELD_VEC_ENTRY("_HOSTNAME=", &hostname, &hostname_len), PARSE_FIELD_VEC_ENTRY("SYSLOG_PID=", &fake_pid, &fake_pid_len), PARSE_FIELD_VEC_ENTRY("SYSLOG_IDENTIFIER=", &identifier, &identifier_len), @@ -421,6 +429,9 @@ static int output_short( if (priority_len == 1 && *priority >= '0' && *priority <= '7') p = *priority - '0'; + + audit = streq_ptr(transport, "audit"); + if (mode == OUTPUT_SHORT_MONOTONIC) r = output_timestamp_monotonic(f, j, monotonic); else @@ -475,7 +486,7 @@ static int output_short( } else { fputs(": ", f); ellipsized |= - print_multiline(f, n + 2, n_columns, flags, p, + print_multiline(f, n + 2, n_columns, flags, p, audit, message, message_len, highlight_shifted); } @@ -570,7 +581,9 @@ static int output_verbose( (((length < PRINT_CHAR_THRESHOLD) || flags & OUTPUT_FULL_WIDTH) && utf8_is_printable(data, length))) { fprintf(f, " %s%.*s=", on, fieldlen, (const char*)data); - print_multiline(f, 4 + fieldlen + 1, 0, OUTPUT_FULL_WIDTH, 0, c + 1, length - fieldlen - 1, NULL); + print_multiline(f, 4 + fieldlen + 1, 0, OUTPUT_FULL_WIDTH, 0, false, + c + 1, length - fieldlen - 1, + NULL); fputs(off, f); } else { char bytes[FORMAT_BYTES_MAX]; |