UNIX credentials and other metadata
Starting with AxoSyslog 3.6, the `unix-stream()` and `unix-dgram()` sources automatically extract the available UNIX credentials and other metainformation from the received log messages. The AxoSyslog application can extract the following information on Linux and FreeBSD platforms (examples show the value of the macro for the `su - myuser` command). Similar information is available for the systemd-journal source.

Macro | Description |
---|---|
${.unix.cmdline} | The name (without the path) and command-line options of the executable belonging to the PID that sent the message. For example, su - myuser |
${.unix.exe} | The path of the executable belonging to the PID that sent the message. For example, /usr/bin/su |
${.unix.gid} | The group ID (GID) corresponding to the UID of the application that sent the log message. Note that this is the ID number of the group, not its human-readable name. For example, 0 |
${.unix.pid} | The process ID (PID) of the application that sent the log message. For example, Note that on every UNIX platform, if the `system()` source uses sockets, it will overwrite the PID macro with the value of `${.unix.pid}`, if it is available. |
${.unix.uid} | The user ID (UID) of the application that sent the log message. Note that this is the ID number of the user, not its human-readable name. For example, 0 |
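
The following configuration fragment is an added example, not part of the AxoSyslog documentation. It records the macros from the table above next to every message received on a local socket, and copies messages whose sender ran as UID 0 to a separate file. The socket path, the file paths and the object names (`s_app`, `d_creds`, `d_root`, `f_from_root`) are assumptions chosen for illustration.

```conf
# Added example: fragment to include in an existing AxoSyslog configuration.
# All paths and object names below are hypothetical.

# Local socket that applications write to. The .unix.* macros are filled in
# by the unix-dgram() source itself, where the platform makes them available.
source s_app {
    unix-dgram("/run/example-app/log.sock");
};

# Store the sender's credentials alongside the message text, so a later
# review can tell which UID, GID and executable produced each line.
destination d_creds {
    file("/var/log/example-app/with-creds.log"
        template("${ISODATE} uid=${.unix.uid} gid=${.unix.gid} pid=${.unix.pid} exe=${.unix.exe} cmdline=\"${.unix.cmdline}\" msg=${MESSAGE}\n")
    );
};

# Separate copy of everything sent by a process running as UID 0.
destination d_root {
    file("/var/log/example-app/from-root.log"
        template("${ISODATE} pid=${.unix.pid} exe=${.unix.exe} msg=${MESSAGE}\n")
    );
};

# String comparison on the numeric UID. The macro holds the ID number,
# not the user name, so compare against "0" rather than "root".
filter f_from_root {
    "${.unix.uid}" eq "0"
};

# Every message goes to the credential-annotated file.
log {
    source(s_app);
    destination(d_creds);
};

# Messages from UID 0 are additionally written to the root-only file.
log {
    source(s_app);
    filter(f_from_root);
    destination(d_root);
};
```

When a macro is not available for a message, it expands to an empty string in the template, so an empty `uid=` field in the output marks a message for which no credentials were extracted.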
Last modified June 27, 2023: Update paths to follow-up moving the files (6585a5b)