This is a reference for the LogDistiller classification rules descriptor.
You should use following DTD:
<!DOCTYPE logdistiller SYSTEM "http://logdistiller.sourceforge.net/dtd/logdistiller-1_4.dtd">
An XSD is also available, even if DTD is preferred:
<logdistiller xmlns="http://logdistiller.sourceforge.net/LOGDISTILLER/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://logdistiller.sourceforge.net/LOGDISTILLER/1.1.0 http://logdistiller.sourceforge.net/xsd/logdistiller-1.1.0.xsd">
Note that the DTD is strict about elements order but the XML Schema is loose: both are parsed by LogDistiller without any difference. When choosing XSD, you just have to know that if you want to switch later to DTD, you'll have to reorder your descriptor.
<logdistiller xmlns="http://logdistiller.sourceforge.net/LOGDISTILLER/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://logdistiller.sourceforge.net/LOGDISTILLER/1.1.0 http://logdistiller.sourceforge.net/xsd/logdistiller-1.1.0.xsd" id=.. > <property name=.. value=.. /> <description/> <logtype id=.. > <param name=.. /> <attributes> <provided/> <extension source=.. provides=.. /> </attributes> </logtype> <output content=.. directory=.. skip=.. url=.. > <param name=.. /> <report format=.. publisher=.. > <param name=.. /> </report> </output> <category id=.. /> <group id=.. category=.. continueProcessing=.. save=.. > <description/> <param name=.. /> <condition tags=.. > <match attribute=.. type=.. /> </condition> <report format=.. publisher=.. > <param name=.. /> </report> <plugin globalReport=.. groupReport=.. type=.. > <param name=.. /> </plugin> </group> </logdistiller>
LogDistiller's classification rules root element.
| Attribute | Type | Since | Description |
|---|---|---|---|
| id | String | the identifier that will be used in reports |
| Element | Type | Since | Description |
|---|---|---|---|
| property* | List<Property> | (Many) Properties definitions, for later substitution. | |
| description | String | Description of the corresponding element, which will be printed in reports, after property substitution: ${property-name} is replaced by property's value. | |
| logtype | LogType | Logtype of the logs that will be distilled. | |
| output | Output | Global output definition. | |
| category* | List<Category> | (Many) Group categories definition. | |
| group* | List<Group> | (Many) Groups definition. |
A property definition. After its definition, property's value can be referenced in params, descriptions or
matches with ${property-name} syntax.
The property value set in rules definition file can be overridden at runtime by LogDistiller's ant task
through equivalent property element.
Example: <property name="logs.subdir" value=""/>
| Attribute | Type | Since | Description |
|---|---|---|---|
| name | String | name of the property | |
| value | String | default value of the property, when it is not overridden |
Definition of a log type to be used.
| Attribute | Type | Since | Description |
|---|---|---|---|
| id | String | id of the log type |
| Element | Type | Since | Description |
|---|---|---|---|
| param* | List<Param> | (Many) parameters of the log type | |
| attributes | Attributes | 1.1.0 | attributes available in log events |
A parameter definition, to customize its parent element. Parameter's value is read from element's content, after
property substitution: ${property-name} is replaced by property's value.
Example: <param name="param name"/>param value</param>
Element Content: value of the parameter
| Attribute | Type | Since | Description |
|---|---|---|---|
| name | String | name of the parameter. Available names vary depending on the usage context. |
Attributes that will be available for log events.
| Element | Type | Since | Description |
|---|---|---|---|
| provided | String | 1.1.0 | Attributes directly provided by the log type. |
| extension* | List<Extension> | 1.1.0 | (Many) Attributes calculated with a regexp on log type provided one. |
Attributes calculated with a regexp on log type provided one.
Element Content: regexp to be applied to the source attribute to extract extension attributes.
| Attribute | Type | Since | Description |
|---|---|---|---|
| source | String | 1.1.0 | attribute on which the regexp will be applied. |
| provides | String | 1.1.0 | attribute names that will be provided by this extension. |
Definition of the output of the logdistillation.
| Attribute | Type | Since | Description |
|---|---|---|---|
| content | String | content description of the data processed for the output | |
| directory | String | the directory where all generated files will be stored | |
| skip | String | id of the category or group that must be skipped in the analysis | |
| url | String | the url where the reports can be downloaded (to enable links in reports) |
| Element | Type | Since | Description |
|---|---|---|---|
| param* | List<Param> | (Many) Parameters of the output | |
| report* | List<Report> | (Many) Reports to be used in the global logdistillation summary |
Definition of a report.
| Attribute | Type | Since | Description |
|---|---|---|---|
| format | String |
(for future extension) format of the report: txt, html, pdf, ...
Default value is: txt. |
|
| publisher | String | publisher id of the report: file, mail, feed, ... |
| Element | Type | Since | Description |
|---|---|---|---|
| param* | List<Param> | (Many) Parameters of the publisher for the report |
A category definition, to aggregate multiple correlated groups in the global report.
Element Content: the description of the category
| Attribute | Type | Since | Description |
|---|---|---|---|
| id | String | the identifier of the category, which will be referenced by corresponding group definitions |
A group definition, to describe the rules that log events must match to be counted in it.
| Attribute | Type | Since | Description |
|---|---|---|---|
| id | String | the identifier that will be printed in reports and used as a basename for files corresponding to this group | |
| category | String | a group can take part in a category by referring category's id | |
| continueProcessing | boolean |
if a log event corresponds to this group, should the log event continue to be compared to the next groups or
simply stop? By default, the classification of a log event stops after the first match: a log event is
assigned to only one group
Default value is: false. |
|
| save | boolean |
should the log events in this group be saved in a file? Log events are saved in a file named
id.log.
Default value is: true. |
| Element | Type | Since | Description |
|---|---|---|---|
| description | String | Description of the group | |
| param* | List<Param> | (Many) parameters of the group, to allow customization | |
| condition* | List<Condition> | (Many) Conditions for a logevent to be part of the group: meeting one of the conditions is sufficient | |
| report* | List<Report> | (Many) Reports to generate for this group | |
| plugin* | List<Plugin> | (Many) Plugins to use in this group, to add extended info in the reports |
A definition of a condition that a log event must match to be part of corresponding group. A condition is composed of one ore more attribute match: a log event must match every attribute for the condition to be ok. If there are multiple conditions defined for a group, a log event has to match only one condition to be part of the group.
| Attribute | Type | Since | Description |
|---|---|---|---|
| tags | String | 1.1.0 | affect some tags (comma separated) to this condition, for later use by plugins, that can now differentiate if a log event was matched by this condition or another one. |
| Element | Type | Since | Description |
|---|---|---|---|
| match* | List<Match> | (Many) The matches that logevent attributes must meet |
A definition of an attribute match: the log event's attribute is compared to this element's value.
Example:
<match attribute="timestamp" type="contains">${date}</match>
<match attribute="severity" type="!equals">Error</match>
<match attribute="message_text" type="regexp">Server state changed to \S+</match>Element Content: the value to compare to
| Attribute | Type | Since | Description |
|---|---|---|---|
| attribute | String | the name of the log event attribute to test | |
| type | String | the type of comparison that has to be made: it can be contains, equals, startsWith, endsWith, regexp or the negation of the test when prefixed with ! (!contains, !equals, !startsWith, !endsWith, !regexp) |
Activation of a plugin for log events in corresponding group.
| Attribute | Type | Since | Description |
|---|---|---|---|
| globalReport | boolean | Add info computed by this plugin to the global report? Default value is: true. |
|
| groupReport | boolean | Add info computed by this plugin to the group report? Default value is: true. |
|
| type | String | type of the plugin |
| Element | Type | Since | Description |
|---|---|---|---|
| param* | List<Param> | (Many) Parameters for the plugin |