tcpdump mailing list archives
Re: Request for DLT for Linux Kernel Messages
From: Michal Labedzki <michal.labedzki () tieto com>
Date: Mon, 30 Dec 2013 09:00:39 +0100
On 30 December 2013 00:20, Guy Harris <guy () alum mit edu> wrote:
> ...and the packet format is just a line containing text, so that the packet data is just N bytes of text (presumably without an NL at the end), with a bunch of comma-separated fields giving priority/sequence number/time stamp/text? Where are the fields documented?
Documentation is provided by Linux Kernel: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/Documentation/ABI/testing/dev-kmsg?id=refs/tags/v3.12
> priority/sequence number/time stamp/text?
And "text" can be dissected too, because there can be more than one line: the first line seems to always be "human readable text", and the next ones are similar to (the same as) "udev" events (SUBSYSTEM=*; DEVICE=*).

My idea is:
- libpcap goal: capture kernel logs, it is important context info
- Wireshark goal: filterable kernel logs, for example timestamp delta 0.4s and character device with major < 196.

--
Best regards,
Michał Łabędzki, Software Engineer
Tieto Corporation
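An added example, not part of the original message and not libpcap or Wireshark code: a Python dissector for the record layout discussed above, with the kind of filter Michal describes. The field layout follows the kernel dev-kmsg document linked in the message; the sample packets, the function names and the reading of "timestamp delta" as time since the previous record are assumptions.

```python
import re

# Constructed sample packets, one /dev/kmsg record each (not captured from a
# real host). Layout assumed from the kernel's dev-kmsg ABI document.
SAMPLE_PACKETS = [
    "7,160,424069,-;pci_root PNP0A03:00: host bridge window (ignored)\n"
    " SUBSYSTEM=acpi\n DEVICE=+acpi:PNP0A03:00",
    "6,339,5140900,-;NET: Registered protocol family 10",
    "4,340,5540900,-;example tty warning\n SUBSYSTEM=tty\n DEVICE=c4:64",
]
DEV_T = re.compile(r"([bc])(\d+):(\d+)")  # DEVICE=b<major>:<minor> or c<major>:<minor>

def dissect(packet):
    """Split one record into prefix fields, text and KEY=value properties."""
    header, *extra = packet.rstrip("\n").split("\n")
    prefix, sep, text = header.partition(";")
    fields = prefix.split(",")
    if not sep or len(fields) < 3:
        raise ValueError("not a /dev/kmsg record: %r" % header)
    prival, seq, usec = (int(f) for f in fields[:3])
    props = {}
    for line in extra:  # continuation lines start with one space
        if line.startswith(" ") and "=" in line:
            key, _, value = line[1:].partition("=")
            props[key] = value
    # The syslog prefix packs facility and level: prival = facility * 8 + level.
    rec = {"level": prival & 7, "facility": prival >> 3, "seq": seq,
           "usec": usec, "extra_fields": fields[3:], "text": text, "props": props}
    m = DEV_T.fullmatch(props.get("DEVICE", ""))
    if m:
        rec["dev"] = (m.group(1), int(m.group(2)), int(m.group(3)))
    return rec

def match_filter(packets, max_delta_us=400_000, major_below=196):
    """Sequence numbers of records at most max_delta_us after the previous
    record whose DEVICE is a character device with major < major_below."""
    hits, prev = [], None
    for rec in map(dissect, packets):
        delta = None if prev is None else rec["usec"] - prev
        prev = rec["usec"]
        dev = rec.get("dev")
        if delta is not None and delta <= max_delta_us \
                and dev and dev[0] == "c" and dev[1] < major_below:
            hits.append(rec["seq"])
    return hits

if __name__ == "__main__":
    print(match_filter(SAMPLE_PACKETS))
```

The message text is left exactly as received, since it can carry values derived from hardware or other untrusted sources and should be treated as free-form data by whatever displays it.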
Current thread:
- Request for DLT for Linux Kernel Messages Michal Labedzki (Dec 20)
- Re: Request for DLT for Linux Kernel Messages Guy Harris (Dec 29)
- Re: Request for DLT for Linux Kernel Messages Michal Labedzki (Dec 30)
- Re: Request for DLT for Linux Kernel Messages Guy Harris (Dec 29)