Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

syslog file without year and passed --dt-filter-after has wrong summary datetime first #242

Open
jtmoon79 opened this issue Mar 3, 2024 · 0 comments
Labels
bug Something isn't working P1 important

Comments

@jtmoon79
Copy link
Owner

jtmoon79 commented Mar 3, 2024

Describe the bug

File ./logs/Ubuntu22/syslog has contents (truncated)

Oct  3 21:48:21 host4b systemd[1]: rsyslog.service: Sent signal SIGHUP to main process 757 (rsyslogd) on client request.
Oct  3 21:48:21 host4b systemd[1]: logrotate.service: Deactivated successfully.

File modified time is 2022-10-03 21:48:21 -0700.

The printed summary datetime first will be 1972-10-03T21:48:21-08:00 which is the wrong year.

To Reproduce

  1. command
    ./target/debug/s4 ./logs/Ubuntu22/syslog -s -a '20230403' -u
    
    -b does not cause the bug
  2. summary output has
       datetime first: 1972-10-03T21:48:21-08:00 (1972-10-04 05:48:21 +00:00)
       datetime last : 2022-10-03T21:48:26-08:00 (2022-10-04 05:48:26 +00:00)
    
    Additionally, the debug binary output has warning
                     →process_stage2_find_dt:
     WARNING: called dt_pattern_has_year() without having processed some syslines
                                  dt_pattern_index_max_count: self.dt_patterns_counts[index 33]=2 is DateTimeParseInstr: { regex_pattern: "^>
                                  dt_pattern_index_max_count: self.dt_patterns_indexes 33
                                  dt_pattern_index_max_count: after analysis
                         ↔dt_pattern_has_year: dtpd line 3119
    
    I'm not sure if it is related.

The interpreted datetimes for each sysline is correct, as shown by the -u prepended datetime.

Environment:

  • OS: Ubuntu 22
  • s4 version: 0.6.68
@jtmoon79 jtmoon79 added bug Something isn't working P1 important labels Mar 3, 2024
@jtmoon79 jtmoon79 changed the title syslog file without year and passed dt filters has wrong summary datetime first syslog file without year and passed --dt-filter-after has wrong summary datetime first Mar 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working P1 important
Projects
None yet
Development

No branches or pull requests

1 participant