Osquerybeat: Fix osquery logger plugin severy levels mapping (elastic…
aleksmaus authored and wiwen committed Nov 1, 2021
1 parent 32c550a commit 01281e2
Showing 1 changed file with 14 additions and 12 deletions.
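--- a/x-pack/osquerybeat/beater/logger_plugin.go
+++ b/x-pack/osquerybeat/beater/logger_plugin.go
@@ -35,15 +35,19 @@ const osqueryLogMessageFieldsCount = 6
 
 type osqLogSeverity int
 
+// The severity levels are taken from osquery source
+// https://github.com/osquery/osquery/blob/master/osquery/core/plugins/logger.h#L39
+// enum StatusLogSeverity {
+// O_INFO = 0,
+// O_WARNING = 1,
+// O_ERROR = 2,
+// O_FATAL = 3,
+// };
 const (
-severityEmerg osqLogSeverity = iota
-severityAlert
-severityCrit
-severityErr
-severityWarn
-severityNotice
-severityInfo
-severityDebug
+severityInfo osqLogSeverity = iota
+severityWarning
+severityError
+severityFatal
 )
 
 func (m *osqueryLogMessage) Log(typ logger.LogType, log *logp.Logger) {
@@ -65,14 +69,12 @@ func (m *osqueryLogMessage) Log(typ logger.LogType, log *logp.Logger) {
 args = append(args, m.UnixTime)
 
 switch osqLogSeverity(m.Severity) {
-case severityEmerg, severityAlert, severityCrit:
+case severityError, severityFatal:
 log.Errorw(m.Message, args...)
-case severityWarn, severityNotice:
+case severityWarning:
 log.Warnw(m.Message, args...)
 case severityInfo:
 log.Infow(m.Message, args...)
-case severityDebug:
-log.Debugw(m.Message, args...)
 default:
 log.Debugw(m.Message, args...)
 }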
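Review bot: The `default:` branch at the end of the switch in Log still sends any severity outside 0–3 to `log.Debugw`, so a status value that osquery adds later, or a malformed one, would be dropped at the usual log level instead of surfacing to whoever watches these logs. Since the constants now mirror an upstream enum, it would be safer to treat an unmapped value as at least a warning, for example `log.Warnw(m.Message, args...)` under `default:`, and to confirm that the raw severity is carried in `args` so the unexpected value can be seen. The new comment links to `master` with a `#L39` anchor, which will drift as the header changes; a commit permalink would keep the reference accurate. Only part of Log is visible in these hunks, so this is based on the switch alone.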
