Message tags

A message tag is a dot separated list of identifiers, specifying the non-hierarchical category for the given message. These non-hierarchical categories are named hierarchically, each part being more and more specific. Examples for message tags are: core.policy or http.request.

Message tags can be used for at least two different purposes:

  1. write them to the syslog, so later analysis may make use of it

  2. filter messages in different categories

The first possibility can be enabled using the --log-tags command line switch to Zorp.

In addition to simply writing it to your syslog, you can specify different verbosity levels for different log categories with the --log-spec command line switch.

--log-spec is a list of comma separated clauses. Each clause specifies the verbosity level for a matching set of categories. A clause is in the form messagetag:level, where messagetag is matched left to right, and may contain '*' as a wild-card for each part. Level is the verbosity level for the matching message tag. An example log specification might be: --log-spec=ftp.*:10,core.debug:0

Processing is not stopped on the first match, the last matching clause will be used. If none of them matches, the default verbosity level specified by --verbose will be used.