Log

ecs_types

Struct Log 

Source 
pub struct Log { /* private fields */ }
Expand description

Details about the event’s logging mechanism or logging transport.

The log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under log.syslog.*.

The details specific to your event source are typically not logged under log.*, but rather in event.* or in other ECS fields.

Implementations§

Source§

impl Log

Source

pub fn get_level(&self) -> Option<&String>

Original log level of the log event.

If the source of the event provides a log level or textual severity, this is the one that goes in log.level. If your source doesn’t specify one, you may put your event transport’s severity here (e.g. Syslog severity).

Some examples are warn, err, i, informational.

Source

pub fn set_level(&mut self, level_arg: String)

Original log level of the log event.

If the source of the event provides a log level or textual severity, this is the one that goes in log.level. If your source doesn’t specify one, you may put your event transport’s severity here (e.g. Syslog severity).

Some examples are warn, err, i, informational.

§Example

error

Source

pub fn get_file_path(&self) -> Option<&String>

Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate.

If the event wasn’t read from a log file, do not populate this field.

Source

pub fn set_file_path(&mut self, file_path_arg: String)

Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate.

If the event wasn’t read from a log file, do not populate this field.

§Example

/var/log/fun-times.log

Source

pub fn get_logger(&self) -> Option<&String>

The name of the logger inside an application. This is usually the name of the class which initialized the logger, or can be a custom name.

Source

pub fn set_logger(&mut self, logger_arg: String)

The name of the logger inside an application. This is usually the name of the class which initialized the logger, or can be a custom name.

§Example

org.elasticsearch.bootstrap.Bootstrap

Source

pub fn get_origin_file_name(&self) -> Option<&String>

The name of the file containing the source code which originated the log event.

Note that this field is not meant to capture the log file. The correct field to capture the log file is log.file.path.

Source

pub fn set_origin_file_name(&mut self, origin_file_name_arg: String)

The name of the file containing the source code which originated the log event.

Note that this field is not meant to capture the log file. The correct field to capture the log file is log.file.path.

§Example

Bootstrap.java

Source

pub fn get_origin_file_line(&self) -> Option<&u64>

The line number of the file containing the source code which originated the log event.

Source

pub fn set_origin_file_line(&mut self, origin_file_line_arg: u64)

The line number of the file containing the source code which originated the log event.

§Example

42

Source

pub fn get_origin_function(&self) -> Option<&String>

The name of the function or method which originated the log event.

Source

pub fn set_origin_function(&mut self, origin_function_arg: String)

The name of the function or method which originated the log event.

§Example

init

Source

pub fn get_syslog(&self) -> Option<&Value>

The Syslog metadata of the event, if the event was transmitted via Syslog. Please see RFCs 5424 or 3164.

Source

pub fn set_syslog(&mut self, syslog_arg: Value)

The Syslog metadata of the event, if the event was transmitted via Syslog. Please see RFCs 5424 or 3164.

Source

pub fn get_syslog_severity_code(&self) -> Option<&u64>

The Syslog numeric severity of the log event, if available.

If the event source publishing via Syslog provides a different numeric severity value (e.g. firewall, IDS), your source’s numeric severity should go to event.severity. If the event source does not specify a distinct severity, you can optionally copy the Syslog severity to event.severity.

Source

pub fn set_syslog_severity_code(&mut self, syslog_severity_code_arg: u64)

The Syslog numeric severity of the log event, if available.

If the event source publishing via Syslog provides a different numeric severity value (e.g. firewall, IDS), your source’s numeric severity should go to event.severity. If the event source does not specify a distinct severity, you can optionally copy the Syslog severity to event.severity.

§Example

3

Source

pub fn get_syslog_severity_name(&self) -> Option<&String>

The Syslog numeric severity of the log event, if available.

If the event source publishing via Syslog provides a different severity value (e.g. firewall, IDS), your source’s text severity should go to log.level. If the event source does not specify a distinct severity, you can optionally copy the Syslog severity to log.level.

Source

pub fn set_syslog_severity_name(&mut self, syslog_severity_name_arg: String)

The Syslog numeric severity of the log event, if available.

If the event source publishing via Syslog provides a different severity value (e.g. firewall, IDS), your source’s text severity should go to log.level. If the event source does not specify a distinct severity, you can optionally copy the Syslog severity to log.level.

§Example

Error

Source

pub fn get_syslog_facility_code(&self) -> Option<&u64>

The Syslog numeric facility of the log event, if available.

According to RFCs 5424 and 3164, this value should be an integer between 0 and 23.

Source

pub fn set_syslog_facility_code(&mut self, syslog_facility_code_arg: u64)

The Syslog numeric facility of the log event, if available.

According to RFCs 5424 and 3164, this value should be an integer between 0 and 23.

§Example

23

Source

pub fn get_syslog_facility_name(&self) -> Option<&String>

The Syslog text-based facility of the log event, if available.

Source

pub fn set_syslog_facility_name(&mut self, syslog_facility_name_arg: String)

The Syslog text-based facility of the log event, if available.

§Example

local7

Source

pub fn get_syslog_priority(&self) -> Option<&u64>

Syslog numeric priority of the event, if available.

According to RFCs 5424 and 3164, the priority is 8 * facility + severity. This number is therefore expected to contain a value between 0 and 191.

Source

pub fn set_syslog_priority(&mut self, syslog_priority_arg: u64)

Syslog numeric priority of the event, if available.

According to RFCs 5424 and 3164, the priority is 8 * facility + severity. This number is therefore expected to contain a value between 0 and 191.

§Example

135

Source

pub fn get_syslog_version(&self) -> Option<&String>

The version of the Syslog protocol specification. Only applicable for RFC 5424 messages.

Source

pub fn set_syslog_version(&mut self, syslog_version_arg: String)

The version of the Syslog protocol specification. Only applicable for RFC 5424 messages.

§Example

1

Source

pub fn get_syslog_hostname(&self) -> Option<&String>

The hostname, FQDN, or IP of the machine that originally sent the Syslog message. This is sourced from the hostname field of the syslog header. Depending on the environment, this value may be different from the host that handled the event, especially if the host handling the events is acting as a collector.

Source

pub fn set_syslog_hostname(&mut self, syslog_hostname_arg: String)

The hostname, FQDN, or IP of the machine that originally sent the Syslog message. This is sourced from the hostname field of the syslog header. Depending on the environment, this value may be different from the host that handled the event, especially if the host handling the events is acting as a collector.

§Example

example-host

Source

pub fn get_syslog_appname(&self) -> Option<&String>

The device or application that originated the Syslog message, if available.

Source

pub fn set_syslog_appname(&mut self, syslog_appname_arg: String)

The device or application that originated the Syslog message, if available.

§Example

sshd

Source

pub fn get_syslog_procid(&self) -> Option<&String>

The process name or ID that originated the Syslog message, if available.

Source

pub fn set_syslog_procid(&mut self, syslog_procid_arg: String)

The process name or ID that originated the Syslog message, if available.

§Example

12345

Source

pub fn get_syslog_msgid(&self) -> Option<&String>

An identifier for the type of Syslog message, if available. Only applicable for RFC 5424 messages.

Source

pub fn set_syslog_msgid(&mut self, syslog_msgid_arg: String)

An identifier for the type of Syslog message, if available. Only applicable for RFC 5424 messages.

§Example

ID47

Source

pub fn get_syslog_structured_data(&self) -> Option<&String>

Structured data expressed in RFC 5424 messages, if available. These are key-value pairs formed from the structured data portion of the syslog message, as defined in RFC 5424 Section 6.3.

Source

pub fn set_syslog_structured_data(&mut self, syslog_structured_data_arg: String)

Structured data expressed in RFC 5424 messages, if available. These are key-value pairs formed from the structured data portion of the syslog message, as defined in RFC 5424 Section 6.3.

Trait Implementations§

Source§

impl Clone for Log

Source§

fn clone(&self) -> Log

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Default for Log

Source§

fn default() -> Log

Returns the “default value” for a type. Read more
Source§

impl Serialize for Log

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more

Auto Trait Implementations§

§

impl Freeze for Log

§

impl RefUnwindSafe for Log

§

impl Send for Log

§

impl Sync for Log

§

impl Unpin for Log

§

impl UnwindSafe for Log

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.