liblognorm/liblognorm-0.3.4-rename-to-lognormalizer.patch

diff -Naru a/src/lognormalizer.c b/src/lognormalizer.c
--- a/src/lognormalizer.c	1970-01-01 05:30:00.000000000 +0530
+++ b/src/lognormalizer.c	2012-09-20 14:45:09.780374402 +0530
@@ -0,0 +1,246 @@
+/**
+ * @file normalizer.c
+ * @brief A small tool to normalize data.
+ *
+ * This is the most basic example demonstrating how to use liblognorm.
+ * It loads log samples from the files specified on the command line,
+ * reads to-be-normalized data from stdin and writes the normalized
+ * form to stdout. Besides being an example, it also carries out useful
+ * processing.
+ *
+ * @author Rainer Gerhards <rgerhards@adiscon.com>
+ *
+ *//*
+ * liblognorm - a fast samples-based log normalization library
+ * Copyright 2010-2011 by Rainer Gerhards and Adiscon GmbH.
+ *
+ * This file is part of liblognorm.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ * A copy of the LGPL v2.1 can be found in the file "COPYING" in this distribution.
+ */
+#include <stdio.h>
+#include <string.h>
+#include <getopt.h>
+#include <libestr.h>
+#include <libee/libee.h>
+#include "liblognorm.h"
+#include "ptree.h"
+#include "lognorm.h"
+
+static ln_ctx ctx;
+static ee_ctx eectx;
+
+static int verbose = 0;
+static int parsedOnly = 0;	/**< output unparsed messages? */
+static int flatTags = 0;	/**< output unparsed messages? */
+static FILE *fpDOT;
+static es_str_t *encFmt = NULL; /**< a format string for encoder use */
+static es_str_t *mandatoryTag = NULL; /**< tag which must be given so that mesg will
+					   be output. NULL=all */
+static enum { f_syslog, f_json, f_xml, f_csv } outfmt = f_syslog;
+
+void
+dbgCallBack(void __attribute__((unused)) *cookie, char *msg,
+	    size_t __attribute__((unused)) lenMsg)
+{
+	printf("liblognorm: %s\n", msg);
+}
+
+void errout(char *errmsg)
+{
+	fprintf(stderr, "%s\n", errmsg);
+	exit(1);
+}
+
+
+/* param str is just a performance enhancement, which saves us re-creation
+ * of the string on every call.
+ */
+static inline void
+outputEvent(struct ee_event *event)
+{
+	char *cstr;
+	es_str_t *str = NULL;
+
+	switch(outfmt) {
+	case f_json:
+		ee_fmtEventToJSON(event, &str);
+		break;
+	case f_syslog:
+		ee_fmtEventToRFC5424(event, &str);
+		break;
+	case f_xml:
+		ee_fmtEventToXML(event, &str);
+		break;
+	case f_csv:
+		ee_fmtEventToCSV(event, &str, encFmt);
+		break;
+	}
+	cstr = es_str2cstr(str, NULL);
+	if(verbose > 0) printf("normalized: '%s'\n", cstr);
+	printf("%s\n", cstr);
+	free(cstr);
+	es_deleteStr(str);
+}
+
+
+/* normalize input data
+ */
+void
+normalize(void)
+{
+	FILE *fp = stdin;
+	char buf[10*1024];
+	es_str_t *str;
+	struct ee_event *event = NULL;
+	es_str_t *constUnparsed;
+	long long unsigned numUnparsed = 0;
+	long long unsigned numWrongTag = 0;
+
+	constUnparsed = es_newStrFromBuf("unparsed-data", sizeof("unparsed-data") - 1);
+
+	while((fgets(buf, sizeof(buf), fp)) != NULL) {
+		buf[strlen(buf)-1] = '\0';
+		if(strlen(buf) > 0 && buf[strlen(buf)-1] == '\r')
+			buf[strlen(buf)-1] = '\0';
+		if(verbose > 0) printf("To normalize: '%s'\n", buf);
+		str = es_newStrFromCStr(buf, strlen(buf));
+		ln_normalize(ctx, str, &event);
+		//printf("normalize result: %d\n", ln_normalizeRec(ctx, ctx->ptree, str, 0, &event));
+		if(event != NULL) {
+			if(   mandatoryTag == NULL
+			   || (mandatoryTag != NULL && ee_EventHasTag(event, mandatoryTag))) {
+				if(   parsedOnly == 1
+				   && ee_getEventField(event, constUnparsed) != NULL){
+					numUnparsed++;
+				} else {
+					outputEvent(event);
+				}
+			} else {
+				numWrongTag++;
+			}
+			ee_deleteEvent(event);
+			event = NULL;
+		}
+		es_deleteStr(str);
+	}
+	if(numUnparsed > 0)
+		fprintf(stderr, "%llu unparsable entries\n", numUnparsed);
+	if(numWrongTag > 0)
+		fprintf(stderr, "%llu entries with wrong tag dropped\n", numWrongTag);
+	es_deleteStr(constUnparsed);
+}
+
+
+/**
+ * Generate a command file for the GNU DOT tools.
+ */
+static void
+genDOT()
+{
+	es_str_t *str;
+
+	str = es_newStr(1024);
+	ln_genDotPTreeGraph(ctx->ptree, &str);
+	fwrite(es_getBufAddr(str), 1, es_strlen(str), fpDOT);
+}
+
+
+int main(int argc, char *argv[])
+{
+	int opt;
+	char *repository = NULL;
+	
+	while((opt = getopt(argc, argv, "d:e:r:E:vpt:T")) != -1) {
+		switch (opt) {
+		case 'd': /* generate DOT file */
+			if(!strcmp(optarg, "")) {
+				fpDOT = stdout;
+			} else {
+				if((fpDOT = fopen(optarg, "w")) == NULL) {
+					errout("cannot open DOT file");
+				}
+			}
+		case 'v':
+			verbose++;
+			break;
+		case 'E': /* encoder-specific format string (will be validated by encoder) */ 
+			encFmt = es_newStrFromCStr(optarg, strlen(optarg));
+			break;
+		case 'p':
+			parsedOnly = 1;
+			break;
+		case 'T':
+			flatTags = 1;
+			break;
+		case 'e': /* encoder to use */
+			if(!strcmp(optarg, "json")) {
+				outfmt = f_json;
+			} else if(!strcmp(optarg, "xml")) {
+				outfmt = f_xml;
+			} else if(!strcmp(optarg, "csv")) {
+				outfmt = f_csv;
+			}
+			break;
+		case 'r': /* rule base to use */
+			repository = optarg;
+			break;
+		case 't': /* if given, only messages tagged with the argument
+			     are output */
+			mandatoryTag = es_newStrFromCStr(optarg, strlen(optarg));
+			break;
+		}
+	}
+	
+	if(repository == NULL) {
+		errout("samples repository must be given");
+	}
+
+	if((ctx = ln_initCtx()) == NULL) {
+		errout("Could not initialize liblognorm context");
+	}
+
+	if((eectx = ee_initCtx()) == NULL) {
+		errout("Could not initialize libee context");
+	}
+	if(flatTags) {
+		ee_setFlags(eectx, EE_CTX_FLAG_INCLUDE_FLAT_TAGS);
+	}
+
+	if(verbose) {
+		ln_setDebugCB(ctx, dbgCallBack, NULL);
+		ln_enableDebug(ctx, 1);
+	}
+	ln_setEECtx(ctx, eectx);
+
+	ln_loadSamples(ctx, repository);
+
+	if(verbose > 0)
+		printf("number of tree nodes: %d\n", ctx->nNodes);
+
+	if(fpDOT != NULL) {
+		genDOT();
+		exit(1);
+	}
+
+	if(verbose > 2) ln_displayPTree(ctx->ptree, 0);
+
+	normalize();
+
+	ln_exitCtx(ctx);
+	return 0;
+}
diff -Naru a/src/Makefile.am b/src/Makefile.am
--- a/src/Makefile.am	2012-09-20 14:45:07.345374340 +0530
+++ b/src/Makefile.am	2012-09-20 14:48:25.492379050 +0530
@@ -4,12 +4,12 @@
 
 #CFLAGS += $(DEBUG)
 
-# we need to clean the normalizer up once we have reached a decent
+# we need to clean the lognormalizer up once we have reached a decent
 # milestone (latest at initial release!)
-bin_PROGRAMS = normalizer
-normalizer_SOURCES = normalizer.c
-normalizer_CPPFLAGS =  -I$(top_srcdir) $(LIBEE_CFLAGS) $(LIBESTR_CFLAGS)
-normalizer_LDADD = $(LIBEE_LIBS) $(LIBLOGNORM_LIBS) $(LIBESTR_LIBS)
+bin_PROGRAMS = lognormalizer
+lognormalizer_SOURCES = lognormalizer.c
+lognormalizer_CPPFLAGS =  -I$(top_srcdir) $(LIBEE_CFLAGS) $(LIBESTR_CFLAGS)
+lognormalizer_LDADD = $(LIBEE_LIBS) $(LIBLOGNORM_LIBS) $(LIBESTR_LIBS)
 
 lib_LTLIBRARIES = liblognorm.la
 
diff -Naru a/src/Makefile.in b/src/Makefile.in
--- a/src/Makefile.in	2012-09-20 14:45:07.345374340 +0530
+++ b/src/Makefile.in	2012-09-20 14:48:00.210378450 +0530
@@ -36,7 +36,7 @@
 POST_UNINSTALL = :
 build_triplet = @build@
 host_triplet = @host@
-bin_PROGRAMS = normalizer$(EXEEXT)
+bin_PROGRAMS = lognormalizer$(EXEEXT)
 subdir = src
 DIST_COMMON = $(include_HEADERS) $(srcdir)/Makefile.am \
 	$(srcdir)/Makefile.in
@@ -89,9 +89,9 @@
 	$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
 	$(liblognorm_la_LDFLAGS) $(LDFLAGS) -o $@
 PROGRAMS = $(bin_PROGRAMS)
-am_normalizer_OBJECTS = normalizer-normalizer.$(OBJEXT)
-normalizer_OBJECTS = $(am_normalizer_OBJECTS)
-normalizer_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
+am_lognormalizer_OBJECTS = lognormalizer-lognormalizer.$(OBJEXT)
+lognormalizer_OBJECTS = $(am_lognormalizer_OBJECTS)
+lognormalizer_DEPENDENCIES = $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_1) \
 	$(am__DEPENDENCIES_1)
 DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/depcomp
@@ -119,8 +119,8 @@
 AM_V_GEN = $(am__v_GEN_$(V))
 am__v_GEN_ = $(am__v_GEN_$(AM_DEFAULT_VERBOSITY))
 am__v_GEN_0 = @echo "  GEN   " $@;
-SOURCES = $(liblognorm_la_SOURCES) $(normalizer_SOURCES)
-DIST_SOURCES = $(liblognorm_la_SOURCES) $(normalizer_SOURCES)
+SOURCES = $(liblognorm_la_SOURCES) $(lognormalizer_SOURCES)
+DIST_SOURCES = $(liblognorm_la_SOURCES) $(lognormalizer_SOURCES)
 HEADERS = $(include_HEADERS)
 ETAGS = etags
 CTAGS = ctags
@@ -250,9 +250,9 @@
 # Uncomment for debugging
 DEBUG = -g
 PTHREADS_CFLAGS = -pthread
-normalizer_SOURCES = normalizer.c
-normalizer_CPPFLAGS = -I$(top_srcdir) $(LIBEE_CFLAGS) $(LIBESTR_CFLAGS)
-normalizer_LDADD = $(LIBEE_LIBS) $(LIBLOGNORM_LIBS) $(LIBESTR_LIBS)
+lognormalizer_SOURCES = lognormalizer.c
+lognormalizer_CPPFLAGS = -I$(top_srcdir) $(LIBEE_CFLAGS) $(LIBESTR_CFLAGS)
+lognormalizer_LDADD = $(LIBEE_LIBS) $(LIBLOGNORM_LIBS) $(LIBESTR_LIBS)
 lib_LTLIBRARIES = liblognorm.la
 liblognorm_la_SOURCES = \
 	liblognorm.c \
@@ -383,9 +383,9 @@
 	list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \
 	echo " rm -f" $$list; \
 	rm -f $$list
-normalizer$(EXEEXT): $(normalizer_OBJECTS) $(normalizer_DEPENDENCIES) 
-	@rm -f normalizer$(EXEEXT)
-	$(AM_V_CCLD)$(LINK) $(normalizer_OBJECTS) $(normalizer_LDADD) $(LIBS)
+lognormalizer$(EXEEXT): $(lognormalizer_OBJECTS) $(lognormalizer_DEPENDENCIES) 
+	@rm -f lognormalizer$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(lognormalizer_OBJECTS) $(lognormalizer_LDADD) $(LIBS)
 
 mostlyclean-compile:
 	-rm -f *.$(OBJEXT)
@@ -398,7 +398,7 @@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/liblognorm_la-lognorm.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/liblognorm_la-ptree.Plo@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/liblognorm_la-samp.Plo@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/normalizer-normalizer.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/lognormalizer-lognormalizer.Po@am__quote@
 
 .c.o:
 @am__fastdepCC_TRUE@	$(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -464,21 +464,21 @@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
 @am__fastdepCC_FALSE@	$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(liblognorm_la_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o liblognorm_la-lognorm.lo `test -f 'lognorm.c' || echo '$(srcdir)/'`lognorm.c
 
-normalizer-normalizer.o: normalizer.c
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(normalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT normalizer-normalizer.o -MD -MP -MF $(DEPDIR)/normalizer-normalizer.Tpo -c -o normalizer-normalizer.o `test -f 'normalizer.c' || echo '$(srcdir)/'`normalizer.c
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/normalizer-normalizer.Tpo $(DEPDIR)/normalizer-normalizer.Po
+lognormalizer-lognormalizer.o: lognormalizer.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lognormalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lognormalizer-lognormalizer.o -MD -MP -MF $(DEPDIR)/lognormalizer-lognormalizer.Tpo -c -o lognormalizer-lognormalizer.o `test -f 'lognormalizer.c' || echo '$(srcdir)/'`lognormalizer.c
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/lognormalizer-lognormalizer.Tpo $(DEPDIR)/lognormalizer-lognormalizer.Po
 @am__fastdepCC_FALSE@	$(AM_V_CC) @AM_BACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='normalizer.c' object='normalizer-normalizer.o' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lognormalizer.c' object='lognormalizer-lognormalizer.o' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(normalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o normalizer-normalizer.o `test -f 'normalizer.c' || echo '$(srcdir)/'`normalizer.c
+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lognormalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lognormalizer-lognormalizer.o `test -f 'lognormalizer.c' || echo '$(srcdir)/'`lognormalizer.c
 
-normalizer-normalizer.obj: normalizer.c
-@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(normalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT normalizer-normalizer.obj -MD -MP -MF $(DEPDIR)/normalizer-normalizer.Tpo -c -o normalizer-normalizer.obj `if test -f 'normalizer.c'; then $(CYGPATH_W) 'normalizer.c'; else $(CYGPATH_W) '$(srcdir)/normalizer.c'; fi`
-@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/normalizer-normalizer.Tpo $(DEPDIR)/normalizer-normalizer.Po
+lognormalizer-lognormalizer.obj: lognormalizer.c
+@am__fastdepCC_TRUE@	$(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lognormalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lognormalizer-lognormalizer.obj -MD -MP -MF $(DEPDIR)/lognormalizer-lognormalizer.Tpo -c -o lognormalizer-lognormalizer.obj `if test -f 'lognormalizer.c'; then $(CYGPATH_W) 'lognormalizer.c'; else $(CYGPATH_W) '$(srcdir)/lognormalizer.c'; fi`
+@am__fastdepCC_TRUE@	$(AM_V_at)$(am__mv) $(DEPDIR)/lognormalizer-lognormalizer.Tpo $(DEPDIR)/lognormalizer-lognormalizer.Po
 @am__fastdepCC_FALSE@	$(AM_V_CC) @AM_BACKSLASH@
-@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='normalizer.c' object='normalizer-normalizer.obj' libtool=no @AMDEPBACKSLASH@
+@AMDEP_TRUE@@am__fastdepCC_FALSE@	source='lognormalizer.c' object='lognormalizer-lognormalizer.obj' libtool=no @AMDEPBACKSLASH@
 @AMDEP_TRUE@@am__fastdepCC_FALSE@	DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(normalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o normalizer-normalizer.obj `if test -f 'normalizer.c'; then $(CYGPATH_W) 'normalizer.c'; else $(CYGPATH_W) '$(srcdir)/normalizer.c'; fi`
+@am__fastdepCC_FALSE@	$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(lognormalizer_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lognormalizer-lognormalizer.obj `if test -f 'lognormalizer.c'; then $(CYGPATH_W) 'lognormalizer.c'; else $(CYGPATH_W) '$(srcdir)/lognormalizer.c'; fi`
 
 mostlyclean-libtool:
 	-rm -f *.lo
diff -Naru a/src/normalizer.c b/src/normalizer.c
--- a/src/normalizer.c	2012-09-20 14:45:07.345374340 +0530
+++ b/src/normalizer.c	1970-01-01 05:30:00.000000000 +0530
@@ -1,246 +0,0 @@
-/**
- * @file normalizer.c
- * @brief A small tool to normalize data.
- *
- * This is the most basic example demonstrating how to use liblognorm.
- * It loads log samples from the files specified on the command line,
- * reads to-be-normalized data from stdin and writes the normalized
- * form to stdout. Besides being an example, it also carries out useful
- * processing.
- *
- * @author Rainer Gerhards <rgerhards@adiscon.com>
- *
- *//*
- * liblognorm - a fast samples-based log normalization library
- * Copyright 2010-2011 by Rainer Gerhards and Adiscon GmbH.
- *
- * This file is part of liblognorm.
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * A copy of the LGPL v2.1 can be found in the file "COPYING" in this distribution.
- */
-#include <stdio.h>
-#include <string.h>
-#include <getopt.h>
-#include <libestr.h>
-#include <libee/libee.h>
-#include "liblognorm.h"
-#include "ptree.h"
-#include "lognorm.h"
-
-static ln_ctx ctx;
-static ee_ctx eectx;
-
-static int verbose = 0;
-static int parsedOnly = 0;	/**< output unparsed messages? */
-static int flatTags = 0;	/**< output unparsed messages? */
-static FILE *fpDOT;
-static es_str_t *encFmt = NULL; /**< a format string for encoder use */
-static es_str_t *mandatoryTag = NULL; /**< tag which must be given so that mesg will
-					   be output. NULL=all */
-static enum { f_syslog, f_json, f_xml, f_csv } outfmt = f_syslog;
-
-void
-dbgCallBack(void __attribute__((unused)) *cookie, char *msg,
-	    size_t __attribute__((unused)) lenMsg)
-{
-	printf("liblognorm: %s\n", msg);
-}
-
-void errout(char *errmsg)
-{
-	fprintf(stderr, "%s\n", errmsg);
-	exit(1);
-}
-
-
-/* param str is just a performance enhancement, which saves us re-creation
- * of the string on every call.
- */
-static inline void
-outputEvent(struct ee_event *event)
-{
-	char *cstr;
-	es_str_t *str = NULL;
-
-	switch(outfmt) {
-	case f_json:
-		ee_fmtEventToJSON(event, &str);
-		break;
-	case f_syslog:
-		ee_fmtEventToRFC5424(event, &str);
-		break;
-	case f_xml:
-		ee_fmtEventToXML(event, &str);
-		break;
-	case f_csv:
-		ee_fmtEventToCSV(event, &str, encFmt);
-		break;
-	}
-	cstr = es_str2cstr(str, NULL);
-	if(verbose > 0) printf("normalized: '%s'\n", cstr);
-	printf("%s\n", cstr);
-	free(cstr);
-	es_deleteStr(str);
-}
-
-
-/* normalize input data
- */
-void
-normalize(void)
-{
-	FILE *fp = stdin;
-	char buf[10*1024];
-	es_str_t *str;
-	struct ee_event *event = NULL;
-	es_str_t *constUnparsed;
-	long long unsigned numUnparsed = 0;
-	long long unsigned numWrongTag = 0;
-
-	constUnparsed = es_newStrFromBuf("unparsed-data", sizeof("unparsed-data") - 1);
-
-	while((fgets(buf, sizeof(buf), fp)) != NULL) {
-		buf[strlen(buf)-1] = '\0';
-		if(strlen(buf) > 0 && buf[strlen(buf)-1] == '\r')
-			buf[strlen(buf)-1] = '\0';
-		if(verbose > 0) printf("To normalize: '%s'\n", buf);
-		str = es_newStrFromCStr(buf, strlen(buf));
-		ln_normalize(ctx, str, &event);
-		//printf("normalize result: %d\n", ln_normalizeRec(ctx, ctx->ptree, str, 0, &event));
-		if(event != NULL) {
-			if(   mandatoryTag == NULL
-			   || (mandatoryTag != NULL && ee_EventHasTag(event, mandatoryTag))) {
-				if(   parsedOnly == 1
-				   && ee_getEventField(event, constUnparsed) != NULL){
-					numUnparsed++;
-				} else {
-					outputEvent(event);
-				}
-			} else {
-				numWrongTag++;
-			}
-			ee_deleteEvent(event);
-			event = NULL;
-		}
-		es_deleteStr(str);
-	}
-	if(numUnparsed > 0)
-		fprintf(stderr, "%llu unparsable entries\n", numUnparsed);
-	if(numWrongTag > 0)
-		fprintf(stderr, "%llu entries with wrong tag dropped\n", numWrongTag);
-	es_deleteStr(constUnparsed);
-}
-
-
-/**
- * Generate a command file for the GNU DOT tools.
- */
-static void
-genDOT()
-{
-	es_str_t *str;
-
-	str = es_newStr(1024);
-	ln_genDotPTreeGraph(ctx->ptree, &str);
-	fwrite(es_getBufAddr(str), 1, es_strlen(str), fpDOT);
-}
-
-
-int main(int argc, char *argv[])
-{
-	int opt;
-	char *repository = NULL;
-	
-	while((opt = getopt(argc, argv, "d:e:r:E:vpt:T")) != -1) {
-		switch (opt) {
-		case 'd': /* generate DOT file */
-			if(!strcmp(optarg, "")) {
-				fpDOT = stdout;
-			} else {
-				if((fpDOT = fopen(optarg, "w")) == NULL) {
-					errout("cannot open DOT file");
-				}
-			}
-		case 'v':
-			verbose++;
-			break;
-		case 'E': /* encoder-specific format string (will be validated by encoder) */ 
-			encFmt = es_newStrFromCStr(optarg, strlen(optarg));
-			break;
-		case 'p':
-			parsedOnly = 1;
-			break;
-		case 'T':
-			flatTags = 1;
-			break;
-		case 'e': /* encoder to use */
-			if(!strcmp(optarg, "json")) {
-				outfmt = f_json;
-			} else if(!strcmp(optarg, "xml")) {
-				outfmt = f_xml;
-			} else if(!strcmp(optarg, "csv")) {
-				outfmt = f_csv;
-			}
-			break;
-		case 'r': /* rule base to use */
-			repository = optarg;
-			break;
-		case 't': /* if given, only messages tagged with the argument
-			     are output */
-			mandatoryTag = es_newStrFromCStr(optarg, strlen(optarg));
-			break;
-		}
-	}
-	
-	if(repository == NULL) {
-		errout("samples repository must be given");
-	}
-
-	if((ctx = ln_initCtx()) == NULL) {
-		errout("Could not initialize liblognorm context");
-	}
-
-	if((eectx = ee_initCtx()) == NULL) {
-		errout("Could not initialize libee context");
-	}
-	if(flatTags) {
-		ee_setFlags(eectx, EE_CTX_FLAG_INCLUDE_FLAT_TAGS);
-	}
-
-	if(verbose) {
-		ln_setDebugCB(ctx, dbgCallBack, NULL);
-		ln_enableDebug(ctx, 1);
-	}
-	ln_setEECtx(ctx, eectx);
-
-	ln_loadSamples(ctx, repository);
-
-	if(verbose > 0)
-		printf("number of tree nodes: %d\n", ctx->nNodes);
-
-	if(fpDOT != NULL) {
-		genDOT();
-		exit(1);
-	}
-
-	if(verbose > 2) ln_displayPTree(ctx->ptree, 0);
-
-	normalize();
-
-	ln_exitCtx(ctx);
-	return 0;
-}