Wireshark  4.3.0
The Wireshark network protocol analyzer
packet-syslog.h
1 /* packet-syslog.h
2  * Routines for syslog message dissection
3  *
4  * Copyright 2000, Gerald Combs <gerald[AT]wireshark.org>
5  *
6  * Support for passing SS7 MSUs (from the Cisco ITP Packet Logging
7  * facility) to the MTP3 dissector by Abhik Sarkar <sarkar.abhik[AT]gmail.com>
8  * with some rework by Jeff Morriss <jeff.morriss.ws [AT] gmail.com>
9  *
10  * Wireshark - Network traffic analyzer
11  * By Gerald Combs <gerald[AT]wireshark.org>
12  * Copyright 1998 Gerald Combs
13  *
14  * SPDX-License-Identifier: GPL-2.0-or-later
15  */
16 
17 #ifndef __PACKET_SYSLOG_H__
18 #define __PACKET_SYSLOG_H__
19 
20 #ifdef __cplusplus
21 extern "C" {
22 #endif /* __cplusplus */
23 
24 /* Level / Priority */
25 #define LEVEL_EMERG 0
26 #define LEVEL_ALERT 1
27 #define LEVEL_CRIT 2
28 #define LEVEL_ERR 3
29 #define LEVEL_WARNING 4
30 #define LEVEL_NOTICE 5
31 #define LEVEL_INFO 6
32 #define LEVEL_DEBUG 7
33 
34 static const value_string syslog_level_vals[] = {
35  { LEVEL_EMERG, "EMERG - system is unusable" },
36  { LEVEL_ALERT, "ALERT - action must be taken immediately" },
37  { LEVEL_CRIT, "CRIT - critical conditions" },
38  { LEVEL_ERR, "ERR - error conditions" },
39  { LEVEL_WARNING, "WARNING - warning conditions" },
40  { LEVEL_NOTICE, "NOTICE - normal but significant condition" },
41  { LEVEL_INFO, "INFO - informational" },
42  { LEVEL_DEBUG, "DEBUG - debug-level messages" },
43  { 0, NULL }
44 };
45 
46 /* Facility */
47 #define FAC_KERN 0
48 #define FAC_USER 1
49 #define FAC_MAIL 2
50 #define FAC_DAEMON 3
51 #define FAC_AUTH 4
52 #define FAC_SYSLOG 5
53 #define FAC_LPR 6
54 #define FAC_NEWS 7
55 #define FAC_UUCP 8
56 #define FAC_CRON 9
57 #define FAC_AUTHPRIV 10
58 #define FAC_FTP 11
59 #define FAC_NTP 12
60 #define FAC_LOGAUDIT 13
61 #define FAC_LOGALERT 14
62 #define FAC_CRON_SOL 15
63 #define FAC_LOCAL0 16
64 #define FAC_LOCAL1 17
65 #define FAC_LOCAL2 18
66 #define FAC_LOCAL3 19
67 #define FAC_LOCAL4 20
68 #define FAC_LOCAL5 21
69 #define FAC_LOCAL6 22
70 #define FAC_LOCAL7 23
71 
72 static const value_string syslog_facility_vals[] = {
73  { FAC_KERN, "KERN - kernel messages" },
74  { FAC_USER, "USER - random user-level messages" },
75  { FAC_MAIL, "MAIL - mail system" },
76  { FAC_DAEMON, "DAEMON - system daemons" },
77  { FAC_AUTH, "AUTH - security/authorization messages" },
78  { FAC_SYSLOG, "SYSLOG - messages generated internally by syslogd" },
79  { FAC_LPR, "LPR - line printer subsystem" },
80  { FAC_NEWS, "NEWS - network news subsystem" },
81  { FAC_UUCP, "UUCP - UUCP subsystem" },
82  { FAC_CRON, "CRON - clock daemon (BSD, Linux)" },
83  { FAC_AUTHPRIV, "AUTHPRIV - security/authorization messages (private)" },
84  { FAC_FTP, "FTP - ftp daemon" },
85  { FAC_NTP, "NTP - ntp subsystem" },
86  { FAC_LOGAUDIT, "LOGAUDIT - log audit" },
87  { FAC_LOGALERT, "LOGALERT - log alert" },
88  { FAC_CRON_SOL, "CRON - clock daemon (Solaris)" },
89  { FAC_LOCAL0, "LOCAL0 - reserved for local use" },
90  { FAC_LOCAL1, "LOCAL1 - reserved for local use" },
91  { FAC_LOCAL2, "LOCAL2 - reserved for local use" },
92  { FAC_LOCAL3, "LOCAL3 - reserved for local use" },
93  { FAC_LOCAL4, "LOCAL4 - reserved for local use" },
94  { FAC_LOCAL5, "LOCAL5 - reserved for local use" },
95  { FAC_LOCAL6, "LOCAL6 - reserved for local use" },
96  { FAC_LOCAL7, "LOCAL7 - reserved for local use" },
97  { 0, NULL }
98 };
99 
100 #ifdef __cplusplus
101 }
102 #endif /* __cplusplus */
103 
104 #endif // __PACKET_SYSLOG_H__
Definition: value_string.h:26