
@JPvRiel
Last active October 10, 2022 17:27
Decode syslog priority

Decode syslog priority

Well-formed syslog message headers start with the facility and severity encoded as the priority in angle brackets, e.g. <179>.... As per RFC5424:

The Priority value is calculated by first multiplying the Facility number by 8 and then adding the numerical value of the Severity.

The Python files in this gist are a demo showing how to decode the priority. E.g.:

# Worked example: PRI 179 decodes to facility 22 and severity 3.
pri = 179
fac = pri // 8  # facility is the whole-number quotient of PRI / 8
sev = pri - fac * 8  # severity is what remains, i.e. PRI modulo 8

Code samples:

  • decode_syslog_pri_simple.py provides an MVP demo.
  • decode_syslog_pri.py provides a more complete object-oriented demo with lookups to human readable keywords for each facility and severity.

Reference:

GitHub gists don't correctly support relative links. Either navigate directly to the files, or use the gist-usable links below.

#!/usr/bin/env python3
import sys
import argparse
# The annotations below use builtin generics (tuple[int, int]), which need
# Python 3.9+, so stop early with a clear message on any other interpreter.
if sys.version_info.major != 3 or sys.version_info.minor < 9:
    sys.exit('ERROR: Aborting. Python 3.9+ is required.')
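class SyslogPriority:
    """Decoded syslog PRI value: facility and severity plus their keywords.

    The PRI is the integer between angle brackets at the start of a syslog
    header (e.g. ``<179>``). It is computed as ``facility * 8 + severity``,
    so the valid range is 0 (kern.emerg) to 191 (local7.debug).

    Attributes:
        priority: the PRI integer as given.
        facility: facility number, 0-23.
        severity: severity number, 0-7.
        facility_keyword: short name for the facility.
        severity_keyword: short name for the severity.

    NOTE(review): the PRI is supplied by the sender. When decoding messages
    received over the network, treat facility and severity as untrusted
    claims and expect ``ValueError`` for out-of-range values.
    """

    # Facility number -> keyword. The keywords used for 12-15 differ between
    # syslog implementations; the names here are kept as the author chose them.
    _FACILITY_KEYWORDS = {
        0: 'kern',
        1: 'user',
        2: 'mail',
        3: 'daemon',
        4: 'auth',
        5: 'syslog',
        6: 'lpr',
        7: 'news',
        8: 'uucp',
        9: 'cron',
        10: 'authpriv',
        11: 'ftp',
        12: 'ntp',
        13: 'security',
        14: 'console',
        15: 'solaris-cron',
        16: 'local0',
        17: 'local1',
        18: 'local2',
        19: 'local3',
        20: 'local4',
        21: 'local5',
        22: 'local6',
        23: 'local7',
    }

    # Severity number -> keyword (0 is most severe, 7 least).
    _SEVERITY_KEYWORDS = {
        0: 'emerg',
        1: 'alert',
        2: 'crit',
        3: 'err',
        4: 'warning',
        5: 'notice',
        6: 'info',
        7: 'debug',
    }

    @staticmethod
    def decode_pri(pri: int) -> tuple[int, int]:
        """Split a PRI integer into ``(facility, severity)``.

        Args:
            pri: priority value, 0-191 inclusive.

        Returns:
            A ``(facility, severity)`` tuple of ints.

        Raises:
            ValueError: if ``pri`` is outside 0-191.
        """
        if not 0 <= pri <= 191:
            raise ValueError('Invalid priority integer. The value must be between 0 and 191.')
        # Integer quotient and remainder in one step; no float division or
        # truncating cast is involved.
        return divmod(pri, 8)

    @staticmethod
    def get_facility_keyword(fac: int) -> str:
        """Return the keyword for facility number ``fac``.

        Raises:
            ValueError: if ``fac`` is outside 0-23.
        """
        if not 0 <= fac <= 23:
            raise ValueError('Invalid facility integer. The value must be between 0 and 23.')
        return SyslogPriority._FACILITY_KEYWORDS[fac]

    @staticmethod
    def get_severity_keyword(sev: int) -> str:
        """Return the keyword for severity number ``sev``.

        Raises:
            ValueError: if ``sev`` is outside 0-7.
        """
        if not 0 <= sev <= 7:
            raise ValueError('Invalid severity integer. The value must be between 0 and 7.')
        return SyslogPriority._SEVERITY_KEYWORDS[sev]

    def __init__(self, pri: int) -> None:
        """Decode ``pri`` and store the numbers and keywords on the instance.

        Raises:
            ValueError: if ``pri`` is outside 0-191.
        """
        self.priority = pri
        self.facility, self.severity = self.decode_pri(pri)
        self.facility_keyword = self.get_facility_keyword(self.facility)
        self.severity_keyword = self.get_severity_keyword(self.severity)

    def __str__(self) -> str:
        """Return the decoded fields rendered as a dict-style string."""
        fields = {
            'priority': self.priority,
            'facility': (self.facility, self.facility_keyword),
            'severity': (self.severity, self.severity_keyword),
        }
        return str(fields)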
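if __name__ == '__main__':
    # CLI entry point: decode the PRI passed with -p/--priority and print it.
    parser = argparse.ArgumentParser(description='Decode syslog priority integer.')
    parser.add_argument(
        '-p', '--priority',
        type=int,
        required=True,
        # range() excludes its stop value, so the stop must be 192 for the
        # highest valid PRI, 191 (local7.debug), to be accepted.
        choices=range(0, 192),
        # Keeps the usage line short instead of listing all 192 choices.
        metavar='PRI',
        help='priority int',
    )
    # nargs='?' was dropped: it let a bare "-p" through with a value of None,
    # which then failed inside SyslogPriority with an unrelated TypeError.
    args = parser.parse_args()
    sys_pri = SyslogPriority(args.priority)
    print(sys_pri)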
#!/usr/bin/env python3
import sys
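# Exactly one argument (the PRI integer) is expected after the script name.
if len(sys.argv) != 2:
    raise Exception('An integer for priority is required as the only argument.')
pri = int(sys.argv[1])
# Reject values outside the valid PRI range (0-191). Without this check a
# negative or oversized number would still print a facility/severity pair
# that does not correspond to any real syslog priority.
if not 0 <= pri <= 191:
    raise ValueError('Invalid priority integer. The value must be between 0 and 191.')
# PRI = facility * 8 + severity, so quotient and remainder recover both parts.
fac, sev = divmod(pri, 8)
print(f'pri: {pri}, fac: {fac}, sev: {sev}')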