[Bug 270497] periodic(8) scripts ignore syslogd flag '-O' output format and does not filter/report failed events

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270497

            Bug ID: 270497
           Summary: periodic(8) scripts ignore syslogd flag '-O' output
                    format and does not filter/report failed events
           Product: Base System
           Version: 12.4-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: bin
          Assignee: bugs@FreeBSD.org
          Reporter: michael.osipov@siemens.com

I was not happy with the output format of syslogd events since the time
resolution was not enough and not sortable. I did set in my rc.conf:
$ sysrc -n syslogd_flags
-N -ss -O rfc5424

These periodics are then rendered useless:
$ grep -r "date " /etc/periodic
/etc/periodic/daily/460.status-mail-rejects:        yesterday=$(date -v-1d '+%b
%e')
/etc/periodic/daily/460.status-mail-rejects:        today=$(date '+%b %e')
/etc/periodic/security/900.tcpwrap:yesterday=`date -v-1d "+%b %e "`
/etc/periodic/security/800.loginfail:yesterday=`date -v-1d "+%b %e "`

They rely on the old style formats and miss everything highres timestamps.

So a possible solution is to query "sysrc -n syslogd_flags" and use the
appropriate format:
today=$(date -I)
yesterday=$(date -v-1d -I)
or old style

to filter out events.

Manpage of syslogd says:
     -O format
             Select the output format of generated log messages.  The values
             bsd and rfc3164 are used to generate RFC 3164 log messages.  The
             values syslog and rfc5424 are used to generate RFC 5424 log
             messages, having RFC 3339 timestamps with microsecond precision.
             The default is to generate RFC 3164 log messages.

So it is '-O bsd|rfc3164' or '-O syslog|rfc5424'. This could be done with grep
or sed.

-- 
You are receiving this mail because:
You are the assignee for the bug.