Add option to forward in GELF JSON format.
parent
cf14736d1a
commit
3313713f36
19
README.md
19
README.md
|
@ -1,8 +1,8 @@
|
|||
# Simple Syslog Server
|
||||
# Syslog Server
|
||||
|
||||
All received messages are written to *stdout* and optionally forwarded to another syslog server.
|
||||
All received messages are written to *stdout* and/or forwarded to another syslog server.
|
||||
|
||||
The syslog server is able to listen on UDP and/or TCP and parses syslog messages in either RFC5424 or RFC3164 (BSD) format.
|
||||
The syslog server is able to listen on both UDP and TCP and parses syslog messages in either RFC5424 or RFC3164 (BSD) format.
|
||||
|
||||
The default syslog port (514) requires you to run syslogd as root / administrator.
|
||||
If you do not wish to do so, you can choose a port number (with the *-p* or *--port* flag) above 1024.
|
||||
|
@ -13,11 +13,12 @@ If you do not wish to do so, you can choose a port number (with the *-p* or *--p
|
|||
- Run *bin/syslogd*, use the *-h* option for help :)
|
||||
|
||||
````
|
||||
Usage: syslogd [-dhV] [--[no-]ansi] [--[no-]stdout] [--[no-]tcp] [--[no-]udp]
|
||||
Usage: syslogd [-dghV] [--[no-]ansi] [--[no-]stdout] [--[no-]tcp] [--[no-]udp]
|
||||
[--rfc5424] [-f=<host>] [-p=<port>]
|
||||
Simple Syslog Server
|
||||
Syslog Server
|
||||
-d, --debug Enable debugging [default: 'false'].
|
||||
-f, --forward=<host> Forward to UDP host[:port] (RFC-5424).
|
||||
-g, --gelf Forward in Graylog (GELF) JSON format.
|
||||
-h, --help Show this help message and exit.
|
||||
--[no-]ansi Output ANSI colors [default: true].
|
||||
--[no-]stdout Output messages to stdout [default: true].
|
||||
|
@ -26,7 +27,6 @@ Simple Syslog Server
|
|||
-p, --port=<port> Listening port [default: 514].
|
||||
--rfc5424 Parse RFC-5424 messages [default: RFC-3164].
|
||||
-V, --version Print version information and exit.
|
||||
|
||||
````
|
||||
|
||||
### Examples
|
||||
|
@ -49,6 +49,13 @@ Listening on the standard syslog port (requires root privileges) and forwarding
|
|||
java -jar /path/to/syslogd-x.y.z-all.jar --forward remotehost:1514
|
||||
```
|
||||
|
||||
Forwarding to a Graylog server in GELF format.
|
||||
|
||||
```
|
||||
java -jar /path/to/syslogd-x.y.z-all.jar --forward remotehost:12201 --gelf
|
||||
```
|
||||
|
||||
|
||||
If you don't want any output locally (only forwarding), you can use the ```--no-stdout``` flag.
|
||||
|
||||
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
id = syslogd
|
||||
group = biz.nellemann.syslogd
|
||||
version = 1.0.10
|
||||
version = 1.0.11
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
[SyslogServer] [DEBUG] SyslogParser - getFacility() - 68 => 8
|
||||
[SyslogServer] [DEBUG] SyslogParser - getSeverity() - 68 => 4
|
|
@ -34,7 +34,7 @@ import java.util.regex.Pattern;
|
|||
|
||||
@Command(name = "syslogd",
|
||||
mixinStandardHelpOptions = true,
|
||||
description = "Simple Syslog Server",
|
||||
description = "Syslog Server",
|
||||
versionProvider = biz.nellemann.syslogd.VersionProvider.class)
|
||||
public class Application implements Callable<Integer>, LogListener {
|
||||
|
||||
|
@ -64,6 +64,9 @@ public class Application implements Callable<Integer>, LogListener {
|
|||
@CommandLine.Option(names = { "-f", "--forward"}, description = "Forward to UDP host[:port] (RFC-5424).", paramLabel = "<host>")
|
||||
private String forward;
|
||||
|
||||
@CommandLine.Option(names = { "-g", "--gelf"}, description = "Forward in Graylog (GELF) JSON format.", defaultValue = "false")
|
||||
private boolean gelf;
|
||||
|
||||
@CommandLine.Option(names = { "-d", "--debug" }, description = "Enable debugging [default: 'false'].")
|
||||
private boolean enableDebug = false;
|
||||
|
||||
|
@ -141,7 +144,11 @@ public class Application implements Callable<Integer>, LogListener {
|
|||
|
||||
if(doForward) {
|
||||
try {
|
||||
if(gelf) {
|
||||
udpClient.send(SyslogPrinter.toGelf(msg));
|
||||
} else {
|
||||
udpClient.send(SyslogPrinter.toRfc5424(msg));
|
||||
}
|
||||
} catch (Exception e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
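Review bot: `gelf` is only read inside the `if(doForward)` branch, so `--gelf` given without `--forward` is accepted and nothing is forwarded, with no message to the operator. If `doForward` is derived from `forward` (that assignment is outside this hunk), consider failing at startup or logging a warning when `gelf` is true and `forward` is unset, so a misconfigured collector does not quietly drop its forwarding. The `-f` description still reads `(RFC-5424)`, which is no longer accurate when `--gelf` is set; `description = "Forward to UDP host[:port] (RFC-5424, or GELF with --gelf)."` would keep the help text accurate. The enclosing method starts and ends outside the hunk.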
|
|
|
@ -12,6 +12,7 @@ public class SyslogPrinter {
|
|||
|
||||
private final static char SPACE = ' ';
|
||||
|
||||
|
||||
public static String toString(SyslogMessage msg) {
|
||||
StringBuilder sb = new StringBuilder(msg.timestamp.toString());
|
||||
sb.append(String.format(" [%8.8s.%-6.6s] ", msg.facility, msg.severity));
|
||||
|
@ -42,7 +43,11 @@ public class SyslogPrinter {
|
|||
}
|
||||
|
||||
|
||||
// <13>Sep 23 08:53:28 xps13 mark: adfdfdf3432434
|
||||
/**
|
||||
* Return a RFC-3164 formatted string of the SyslogMessage.
|
||||
* @param msg
|
||||
* @return
|
||||
*/
|
||||
public static String toRfc3164(SyslogMessage msg) {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
sb.append(getPri(msg.facility, msg.severity));
|
||||
|
@ -55,8 +60,11 @@ public class SyslogPrinter {
|
|||
}
|
||||
|
||||
|
||||
// <13>1 2020-09-23T08:57:30.950699+02:00 xps13 mark - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="125500"] adfdfdf3432434565656
|
||||
// <34>1 2003-10-11T22:14:15.003Z mymachine.example.com su - ID47 - BOM'su root' failed for lonvick on /dev/pts/8
|
||||
/**
|
||||
* Return a RFC-5424 formatted string of the SyslogMessage.
|
||||
* @param msg
|
||||
* @return
|
||||
*/
|
||||
public static String toRfc5424(SyslogMessage msg) {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
sb.append(getPri(msg.facility, msg.severity)).append("1");
|
||||
|
@ -72,6 +80,26 @@ public class SyslogPrinter {
|
|||
}
|
||||
|
||||
|
||||
/**
|
||||
* Return a GELF formatted string of the SyslogMessage.
|
||||
* https://www.graylog.org/features/gelf
|
||||
* @param msg
|
||||
* @return
|
||||
*/
|
||||
public static String toGelf(SyslogMessage msg) {
|
||||
StringBuilder sb = new StringBuilder("{ \"version\": \"1.1\",");
|
||||
sb.append(String.format("\"host\": \"%s\",", msg.hostname));
|
||||
sb.append(String.format("\"short_message\": \"%s\",", msg.message));
|
||||
//sb.append(String.format("\"full_message\": \"%s\",", msg.message));
|
||||
sb.append(String.format("\"timestamp\": %d,", msg.timestamp.getEpochSecond()));
|
||||
sb.append(String.format("\"level\": %d,", msg.severity.toNumber()));
|
||||
sb.append(String.format("\"_facility\": \"%s\",", msg.facility));
|
||||
sb.append(String.format("\"_severity\": \"%s\",", msg.severity));
|
||||
sb.append("}");
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
|
||||
static private String getPri(Facility facility, Severity severity) {
|
||||
int pri = (facility.toNumber() * 8) + severity.toNumber();
|
||||
return String.format("%c%d%c", '<', pri, '>');
|
||||
|
|