Manuals / IBM / Computer Equipment / Network Router

IBM Enterprise Console manual Additional Mapping Considerations

Models: Enterprise Console

1 194
Download 194 pages 8.78 Kb
Page 163
Image 163

Additional Mapping Considerations

Specify only one mapping for each BAROC file attribute.

A mapping can be inherited from a more generic format specification (using the FOLLOWS keyword) or can be explicitly defined on the format specification that directly matches the message.

Because the adapter does not access the BAROC file, which resides on the event server, care must be taken to make sure that the format specifications agree with the corresponding BAROC file definitions. If an attribute name is misspelled in a mapping, the adapter will not report an error and will send the event to the event server as usual; however, the event will be discarded by the event server because it does not exactly match a class definition.

There can be attributes in the system log message that do not directly correspond to any BAROC file attributes because the adapter might need to use these values to compose PRINTF style constant strings for assigning to attributes. This type of data needs to be assigned to temporary attributes that do not get sent to the event server, but are used in the PRINTF statement. Temporary attributes are designated with a hyphen (-) immediately preceding the attribute name in a mapping.

In order to illustrate the use of mappings in format specifications, a sample from the default tecad_logfile.fmt file is shown following with a few additions.

FORMAT Logfile_Base %t %s %s*

date $1 hostname $2 msg $3 origin DEFAULT END

/* login */

//NOTE -- anything enclosed in ’/*’ and ’*/’ pairs is considered to

//be a comment. These comments can extend across multiple lines.

//Anything following a ’//’ is also considered to be a comment;

//this comment only extends to the end of the line.

FORMAT Logfile_Login FOLLOWS Logfile_Base %t %s login: %s*

sub_source login

END

FORMAT Root_Login FOLLOWS Logfile_Login %t %s login: ROOT LOGIN %s*

END

FORMAT Root_Login_Success FOLLOWS Root_Login %t %s login: ROOT LOGIN %s

on_tty $3

msg PRINTF("root login %s", on_tty)

END

FORMAT Root_Login_Success_From FOLLOWS Root_Login_Success %t %s login: ROOT LOGIN %s FROM %s

from_host $4

-extra ", with extra stuff!"

msg PRINTF("root login from %s%s", from_host, extra)

END

Now, assume that the following system log message is received by the log file adapter:

Dec 10 09:45:06 sawmill login: ROOT LOGIN ttyp6 FROM oak

Appendix B. Format File Reference 151

Page 162 Page 164
Page 163
Image 163
IBM Enterprise Console manual Additional Mapping Considerations
Page 162 Page 164