2021-04-04 22:42:13 +03:00
|
|
|
%YAML 1.2
|
|
|
|
---
|
|
|
|
# http://www.sublimetext.com/docs/3/syntax.html
|
|
|
|
name: syslog
|
|
|
|
file_extensions:
|
|
|
|
- syslog
|
|
|
|
scope: text.syslog
|
2021-04-05 22:17:47 +03:00
|
|
|
variables:
|
|
|
|
ipv4_part: (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)
|
2021-04-04 22:42:13 +03:00
|
|
|
contexts:
|
|
|
|
main:
|
2021-04-05 22:17:47 +03:00
|
|
|
- match: ^(\w+\s+\d+)\s+(\d{2}:\d{2}:\d{2})
|
2021-04-04 22:42:13 +03:00
|
|
|
scope: meta.datetime.syslog constant.numeric.syslog
|
2021-04-05 22:17:47 +03:00
|
|
|
captures:
|
|
|
|
1: meta.date.syslog
|
|
|
|
2: meta.time.syslog
|
2021-04-04 22:42:13 +03:00
|
|
|
push: loghost
|
|
|
|
loghost:
|
|
|
|
- match: '[\w-]+'
|
|
|
|
scope: entity.other.attribute-name.loghost.syslog
|
|
|
|
set: process
|
|
|
|
process:
|
|
|
|
- match: ([\w-]+)(?:(\[)(\d+)(\]))?(:)
|
|
|
|
captures:
|
|
|
|
1: support.function.process.syslog
|
|
|
|
2: punctuation.separator.pid.begin.syslog
|
|
|
|
3: meta.pid.syslog meta.number.integer.syslog constant.numeric.value.syslog
|
2021-04-05 22:17:47 +03:00
|
|
|
4: punctuation.separator.pid.end.syslog
|
|
|
|
5: punctuation.separator.mapping.syslog
|
2021-04-04 22:42:13 +03:00
|
|
|
set: structured-data
|
|
|
|
structured-data:
|
|
|
|
- match: '\['
|
|
|
|
scope: punctuation.section.mapping.begin.syslog
|
|
|
|
push:
|
|
|
|
- match: \]
|
|
|
|
scope: punctuation.section.mapping.end.syslog
|
|
|
|
pop: true
|
|
|
|
- match: \w+
|
|
|
|
scope: variable.parameter.syslog
|
|
|
|
- match: =
|
|
|
|
scope: keyword.operator.assignment.syslog
|
|
|
|
push:
|
|
|
|
- match: '[^\s\]]+'
|
|
|
|
scope: constant.other.syslog
|
|
|
|
pop: true
|
|
|
|
- match: (?=\])
|
|
|
|
pop: true
|
|
|
|
- match: (?=\S)
|
|
|
|
set: text
|
|
|
|
text:
|
|
|
|
- match: (\w+)(=)
|
|
|
|
captures:
|
|
|
|
1: variable.parameter.syslog
|
|
|
|
2: keyword.operator.assignment.syslog
|
|
|
|
- match: (')([^']*)(')
|
|
|
|
scope: string.quoted.single.syslog
|
|
|
|
captures:
|
|
|
|
1: punctuation.definition.string.begin.syslog
|
|
|
|
3: punctuation.definition.string.end.syslog
|
|
|
|
- match: (")([^"]*)(")
|
|
|
|
scope: string.quoted.double.syslog
|
|
|
|
captures:
|
|
|
|
1: punctuation.definition.string.begin.syslog
|
|
|
|
3: punctuation.definition.string.end.syslog
|
2021-04-05 22:17:47 +03:00
|
|
|
- include: numbers
|
2021-04-04 22:42:13 +03:00
|
|
|
- match: \b(CMD)\b\s+(\()
|
|
|
|
captures:
|
|
|
|
1: entity.name.label.syslog
|
|
|
|
2: punctuation.section.block.begin.syslog
|
|
|
|
embed: scope:source.shell.bash
|
2021-04-05 22:17:47 +03:00
|
|
|
escape: \)$
|
2021-04-04 22:42:13 +03:00
|
|
|
escape_captures:
|
|
|
|
0: punctuation.section.block.end.syslog
|
2021-04-05 22:17:47 +03:00
|
|
|
- match: '<\w+>'
|
|
|
|
scope: constant.language.syslog
|
|
|
|
- match: (?i:fail(?:ure|ed)?|error)
|
|
|
|
scope: invalid.illegal.error.syslog
|
2021-04-04 22:42:13 +03:00
|
|
|
- match: $
|
|
|
|
pop: true
|
2021-04-05 22:17:47 +03:00
|
|
|
numbers:
|
|
|
|
- match: (?=(?:{{ipv4_part}}\.){3}{{ipv4_part}})
|
|
|
|
push:
|
|
|
|
- meta_scope: meta.ipaddress.v4.syslog meta.number.integer.decimal.syslog
|
|
|
|
- match: \d+
|
|
|
|
scope: constant.numeric.value.syslog
|
|
|
|
- match: \.
|
|
|
|
scope: punctuation.separator.sequence.syslog
|
|
|
|
- match: ''
|
|
|
|
pop: true
|
|
|
|
- match: (?=(?:\h{0,4}:){2,6}\h{1,4})
|
|
|
|
push:
|
|
|
|
- meta_scope: meta.ipaddress.v6.syslog meta.number.integer.hexadecimal.syslog
|
|
|
|
- match: \h{1,4}
|
|
|
|
scope: constant.numeric.value.syslog
|
|
|
|
- match: ':'
|
|
|
|
scope: punctuation.separator.sequence.syslog
|
|
|
|
- match: ''
|
|
|
|
pop: true
|
|
|
|
- match: (0x)(\h+)(?:(\.)(\h+))?
|
|
|
|
scope: meta.number.float.hexadecimal.syslog
|
|
|
|
captures:
|
|
|
|
1: constant.numeric.base.syslog
|
|
|
|
2: constant.numeric.value.syslog
|
|
|
|
3: constant.numeric.value.syslog punctuation.separator.decimal.syslog
|
|
|
|
4: constant.numeric.value.syslog
|
|
|
|
- match: \b\d+(\.)\d+\b
|
|
|
|
scope: meta.number.float.syslog constant.numeric.value.syslog
|
|
|
|
captures:
|
|
|
|
1: punctuation.separator.decimal.syslog
|
|
|
|
- match: \b\d+\b
|
|
|
|
scope: meta.number.integer.syslog constant.numeric.value.syslog
|