Merge pull request #27 from bluecat-japac/update-filter

JPC-2447 Update filter to support both of old and new version of BDDS
bluecat-japac · Sep 23, 2024 · 232ba26 · 232ba26
2 parents bb60ae6 + c30c419
commit 232ba26
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 9 deletions.
diff --git a/syslog_monitoring/Alarm/alarm_regex_common.py b/syslog_monitoring/Alarm/alarm_regex_common.py
@@ -17,7 +17,8 @@
     IPV6_PARTERN
 )
 
-REG_TARGET_STRING_IP = r"(client|master|from).({}|{})".format(IPV4_PARTERN, IPV6_PARTERN)
+
+REG_TARGET_STRING_IP = r"(client|master|primary|from).({}|{})".format(IPV4_PARTERN, IPV6_PARTERN)
 REG_TARGET_IP = r"({}|{})".format(IPV4_PARTERN, IPV6_PARTERN)
 REG_ZONE_STRING = r"(zone|transfer of ').(\w+[\.-]?)+/IN/(\w+[\.-]?)+"
 REG_ZONE = r"(\w+[\.-]?)+/IN/(\w+[\.-]?)+"

diff --git a/syslog_monitoring/Dockerfile b/syslog_monitoring/Dockerfile
@@ -1,7 +1,7 @@
 FROM ubuntu:18.04
 
-ENV DEBIAN_FRONTEND noninteractive
-ENV PYTHONPATH /etc/syslog-ng/syslog_monitoring
+ENV DEBIAN_FRONTEND=noninteractive
+ENV PYTHONPATH=/etc/syslog-ng/syslog_monitoring
 
 RUN apt-get update && \
     apt-get install -y gnupg2 syslog-ng-core syslog-ng python-pip snmp snmpd iproute2 && \
@@ -27,4 +27,4 @@ RUN pip install wheel && \
     dpkg-reconfigure tzdata && \
     apt-get install ntp -y
 
-CMD  ["./start.sh"]
+CMD  ["./start.sh"]
diff --git a/syslog_monitoring/filters.conf b/syslog_monitoring/filters.conf
@@ -13,7 +13,7 @@ filter f_load_configuration_success{
 };
 
 filter f_load_zone_failure{
-    match("zone.+/IN/.+loading from master file.+failed.+" value("MESSAGE"));
+    match("zone.+/IN/.+loading from (master|primary) file.+failed.+" value("MESSAGE"));
     or
     match("zone.+/IN/.+not loaded due to errors" value("MESSAGE"));
 };
@@ -25,7 +25,7 @@ filter f_load_zone_success{
 filter f_tsig_bad_time{
     match("client.+view.+request has invalid signature.+tsig verify failure.+\(BADTIME\)" value("MESSAGE"));
     or
-    match("zone.+/IN/.+refresh: failure trying master.+clocks are unsynchronized" value("MESSAGE"));
+    match("zone.+/IN/.+refresh: failure trying (master|primary).+clocks are unsynchronized" value("MESSAGE"));
 };
 
 filter f_tsig_not_bad_time{
@@ -56,8 +56,8 @@ filter f_read_only_force_success{
     match("Starting network Service" value("MESSAGE"));
 };
 
-filter f_zone_transfer_failure{
-    match("zone.+/IN/.+refresh: failure trying master.+" value("MESSAGE"));
+filter f_zone_transfer_failure {
+    match("zone.+/IN/.+refresh: failure trying (master|primary).+" value("MESSAGE"));
 };
 
 filter f_zone_transfer_success{
@@ -210,4 +210,4 @@ log {
 		rewrite(r_max_connection_limitation_filter);
         destination(d_filter_log);
     };
-};
+};