A patch to allow Zimbra to work with rsyslog's precision timestamp format

Have a great idea for extending Zimbra? Share ideas, ask questions, contribute, and get feedback.
Post Reply
jjakob
Posts: 10
Joined: Thu Jan 14, 2021 1:13 pm

A patch to allow Zimbra to work with rsyslog's precision timestamp format

Post by jjakob »

I had an issue with some things not working after I changed rsyslog's timestamp format to precision. I commented out the line that sets traditional format in rsyslog.conf after installing fail2ban as it was having problems parsing the log timestamps.
It showed as statistics and service status in the web admin interface not working, and the daily mail report being empty.
I made a pull request on Github for the fixes: https://github.com/Zimbra/zm-core-utils/pull/84
The fixes are simple and anyone can apply them manually or via patch files to their own installation, and they are compatible with both rsyslog timestamp formats.

Code: Select all

diff --git a/src/libexec/zmdailyreport b/src/libexec/zmdailyreport
index 65d074ab..9315d94d 100755
--- a/src/libexec/zmdailyreport
+++ b/src/libexec/zmdailyreport
@@ -81,7 +81,7 @@ if (fork()) {

             while (<LOG>) {
                        my $line = $_;
-                       if ($line =~ /$today/o) {
+                       if ($line =~ /$today|$datestring/o) {
                             print PFOUT $line;
                             $found = 1;
                    } elsif ($found) {
@@ -96,7 +96,7 @@ if (fork()) {
        $found = 0;
        while (<LOG>) {
                my $line = $_;
-               if ($line =~ /$today/o) {
+               if ($line =~ /$today|$datestring/o) {
                     print PFOUT $line;
                     $found = 1;
            } elsif ($found) {
diff --git a/src/libexec/zmlogger b/src/libexec/zmlogger
index d9ab6576..8f205f3d 100755
--- a/src/libexec/zmlogger
+++ b/src/libexec/zmlogger
@@ -524,7 +524,7 @@ sub killserver() {
 sub run() {
     my $dbh = init();
     my $opened;
-    my $logregex = qr/(^.{15}) ((\d+\.\d+\.\d+\.\d+)|(\S+)) ([^[]+)(\[(\d+)\])?: (.*)$/o;
+    my $logregex = qr/^(.{15}|\S+) ((\d+\.\d+\.\d+\.\d+)|(\S+)) ([^[]+)(\[(\d+)\])?: (.*)$/o;

     my $fragre = qr/:::(\w{8}-\w{4}-\w{4}-\w{4}-\w{12}):::$/o;
     my $fragnextre = qr/.*:::(\w{8}-\w{4}-\w{4}-\w{4}-\w{12}):::(?!$)/o;
diff --git a/src/libexec/zmlogprocess b/src/libexec/zmlogprocess
index 7ffce821..a5b1faac 100644
--- a/src/libexec/zmlogprocess
+++ b/src/libexec/zmlogprocess
@@ -224,7 +224,7 @@ sub run() {
     my $state  = updateState();
     open(LOG, "<$log_file") || die $!;

-    my $logregex = qr/(^.{15}) ((\d+\.\d+\.\d+\.\d+) \S+|(\S+)) ([^[]+)(\[(\d+)\])?: (.*)$/o;
+    my $logregex = qr/^(.{15}|\S+) ((\d+\.\d+\.\d+\.\d+) \S+|(\S+)) ([^[]+)(\[(\d+)\])?: (.*)$/o;
     my %host_data;
     my %host_qid_data; # hostname -> { qid -> { first, last } }
     init_counters(\%host_data);
Save it as zimbra_fix_rsyslog_precision_timestamps.patch, cd to /opt/zimbra and as root run:

Code: Select all

patch -p2 < zimbra_fix_rsyslog_precision_timestamps.patch
Post Reply