Can anyone point me to where the ERROR WARNING and...
# generalh
HarlanF
08/14/2021, 12:42 AMCan anyone point me to where the ERROR WARNING and INFO symlinks are created in the source code? Trying to figure out what logic's used.
z
zwass
08/14/2021, 12:44 AM
Haven't looked at this in a while, but it might be done in
glogs
Stefano Bonicatti
08/14/2021, 9:02 AMWhere to log is somewhat decided by glog yes, but we also provide destinations for specific log levels here https://github.com/osquery/osquery/blob/08736648aacaefbdfc90bc2b87acc4414fd6c9ec/plugins/logger/filesystem_logger.cpp#L249-L252
Though how I see it currently working is that .INFO contains everything from INFO and up (controlled by the logger_min_status flag), .WARNING contains from the warnings and up (so also errors) and .ERROR contains errors only.
ty 1
Stefano Bonicatti
08/14/2021, 9:13 AM(This is akin to syslog)
h
HarlanF
08/16/2021, 2:57 PMYou rock, guys; thanks so much!
HarlanF
08/16/2021, 2:59 PMThat's peculiar that those strata have their own value and up, if one had three different specific files.
2 Views