1 /* packet-syslog.h 2 * Routines for syslog message dissection 3 * 4 * Copyright 2000, Gerald Combs <gerald[AT]wireshark.org> 5 * 6 * Support for passing SS7 MSUs (from the Cisco ITP Packet Logging 7 * facility) to the MTP3 dissector by Abhik Sarkar <sarkar.abhik[AT]gmail.com> 8 * with some rework by Jeff Morriss <jeff.morriss.ws [AT] gmail.com> 9 * 10 * Wireshark - Network traffic analyzer 11 * By Gerald Combs <gerald[AT]wireshark.org> 12 * Copyright 1998 Gerald Combs 13 * 14 * SPDX-License-Identifier: GPL-2.0-or-later 15 */ 16 17 #ifndef __PACKET_SYSLOG_H__ 18 #define __PACKET_SYSLOG_H__ 19 20 #ifdef __cplusplus 21 extern "C" { 22 #endif /* __cplusplus */ 23 24 /* Level / Priority */ 25 #define LEVEL_EMERG 0 26 #define LEVEL_ALERT 1 27 #define LEVEL_CRIT 2 28 #define LEVEL_ERR 3 29 #define LEVEL_WARNING 4 30 #define LEVEL_NOTICE 5 31 #define LEVEL_INFO 6 32 #define LEVEL_DEBUG 7 33 34 static const value_string syslog_level_vals[] = { 35 { LEVEL_EMERG, "EMERG - system is unusable" }, 36 { LEVEL_ALERT, "ALERT - action must be taken immediately" }, 37 { LEVEL_CRIT, "CRIT - critical conditions" }, 38 { LEVEL_ERR, "ERR - error conditions" }, 39 { LEVEL_WARNING, "WARNING - warning conditions" }, 40 { LEVEL_NOTICE, "NOTICE - normal but significant condition" }, 41 { LEVEL_INFO, "INFO - informational" }, 42 { LEVEL_DEBUG, "DEBUG - debug-level messages" }, 43 { 0, NULL } 44 }; 45 46 /* Facility */ 47 #define FAC_KERN 0 48 #define FAC_USER 1 49 #define FAC_MAIL 2 50 #define FAC_DAEMON 3 51 #define FAC_AUTH 4 52 #define FAC_SYSLOG 5 53 #define FAC_LPR 6 54 #define FAC_NEWS 7 55 #define FAC_UUCP 8 56 #define FAC_CRON 9 57 #define FAC_AUTHPRIV 10 58 #define FAC_FTP 11 59 #define FAC_NTP 12 60 #define FAC_LOGAUDIT 13 61 #define FAC_LOGALERT 14 62 #define FAC_CRON_SOL 15 63 #define FAC_LOCAL0 16 64 #define FAC_LOCAL1 17 65 #define FAC_LOCAL2 18 66 #define FAC_LOCAL3 19 67 #define FAC_LOCAL4 20 68 #define FAC_LOCAL5 21 69 #define FAC_LOCAL6 22 70 #define FAC_LOCAL7 23 71 72 static const value_string syslog_facility_vals[] = { 73 { FAC_KERN, "KERN - kernel messages" }, 74 { FAC_USER, "USER - random user-level messages" }, 75 { FAC_MAIL, "MAIL - mail system" }, 76 { FAC_DAEMON, "DAEMON - system daemons" }, 77 { FAC_AUTH, "AUTH - security/authorization messages" }, 78 { FAC_SYSLOG, "SYSLOG - messages generated internally by syslogd" }, 79 { FAC_LPR, "LPR - line printer subsystem" }, 80 { FAC_NEWS, "NEWS - network news subsystem" }, 81 { FAC_UUCP, "UUCP - UUCP subsystem" }, 82 { FAC_CRON, "CRON - clock daemon (BSD, Linux)" }, 83 { FAC_AUTHPRIV, "AUTHPRIV - security/authorization messages (private)" }, 84 { FAC_FTP, "FTP - ftp daemon" }, 85 { FAC_NTP, "NTP - ntp subsystem" }, 86 { FAC_LOGAUDIT, "LOGAUDIT - log audit" }, 87 { FAC_LOGALERT, "LOGALERT - log alert" }, 88 { FAC_CRON_SOL, "CRON - clock daemon (Solaris)" }, 89 { FAC_LOCAL0, "LOCAL0 - reserved for local use" }, 90 { FAC_LOCAL1, "LOCAL1 - reserved for local use" }, 91 { FAC_LOCAL2, "LOCAL2 - reserved for local use" }, 92 { FAC_LOCAL3, "LOCAL3 - reserved for local use" }, 93 { FAC_LOCAL4, "LOCAL4 - reserved for local use" }, 94 { FAC_LOCAL5, "LOCAL5 - reserved for local use" }, 95 { FAC_LOCAL6, "LOCAL6 - reserved for local use" }, 96 { FAC_LOCAL7, "LOCAL7 - reserved for local use" }, 97 { 0, NULL } 98 }; 99 100 #ifdef __cplusplus 101 } 102 #endif /* __cplusplus */ 103 104 #endif // __PACKET_SYSLOG_H__ 105