Fluent::Plugin::NewSyslog
This gem provides syslog input and parser plugins for Fluentd. It supports the newer rfc5424 syslog format along with the older rfc3164 format. It automatically parses the time formats using the built-in Ruby time parser, so you do not have to specify the expected time format of the syslog message. The parser plugin is backwards compatible with the built-in syslog parser.
Installation
Add this line to your application's Gemfile:
gem 'fluent-plugin-newsyslog'
And then execute:
$ bundle
Or install it yourself as:
$ gem install fluent-plugin-newsyslog
Usage
in_newsyslog Input plugin
The in_newsyslog Input plugin enables Fluentd to retrieve records via the syslog protocol on UDP or TCP. The default parser is the parser_newsyslog plugin.
Example Configuration
<source>
type newsyslog
port 5140
bind 0.0.0.0
tag system
</source>
Parameters
type (required) The value must be newsyslog.
port The port to listen on. Default Value = 5140
bind The bind address to listen on. Default Value = 0.0.0.0 (all addresses)
protocol_type The transport protocol used to receive logs. “udp” and “tcp” are supported. “udp” by default.
tag (required) The prefix of the tag. The tag itself is generated by the tag prefix, facility level, and priority.
parser_newsyslog Parser plugin
The parser_newsyslog Parser plugin enables Fluentd to parse syslog records in either rfc5424 or rfc3164 format.
Example Configuration
This example uses this parser with the syslog plugin.
<source>
type syslog
port 5140
bind 0.0.0.0
format newsyslog
tag system
</source>
Parameters
payload_message When set to true, the parser outputs the entire syslog message in the message field rather than the parsed message field. Default Value = false (send the parsed syslog message field).
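How a record in either format breaks down into fields, shown as an added example that is not the plugin's own code: the regular expressions, the `parse_syslog` name and the sample lines are assumptions made for illustration. Lines that match neither format, or that carry a PRI above 191, are rejected rather than guessed at.

```ruby
require 'time'

# Conventional names for the numeric codes in RFC 5424 section 6.2.1.
FACILITIES = %w[kern user mail daemon auth syslog lpr news uucp cron authpriv
                ftp ntp audit alert clock local0 local1 local2 local3 local4
                local5 local6 local7].freeze
SEVERITIES = %w[emerg alert crit err warning notice info debug].freeze

# Patterns written for this example (assumption: not the plugin's own regexes).
RFC5424 = /\A<(?<pri>\d{1,3})>1 (?<time>\S+) (?<host>\S+) (?<ident>\S+) (?<pid>\S+) (?<msgid>\S+) (?<sd>-|(?:\[(?:\\.|[^\]\\])*\])+)(?: (?<message>.*))?\z/m
RFC3164 = /\A<(?<pri>\d{1,3})>(?<time>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (?<host>\S+) (?<ident>[^\s:\[]+)(?:\[(?<pid>\d+)\])?: ?(?<message>.*)\z/m

# Returns a record hash, or nil when the line is not valid syslog.
# payload_message mirrors the documented option: true keeps the whole line.
def parse_syslog(line, payload_message: false)
  line = line.chomp
  m = RFC5424.match(line) || RFC3164.match(line)
  return nil unless m

  pri = m[:pri].to_i
  return nil if pri > 191 # facility 23 * 8 + severity 7 is the highest valid PRI

  begin
    # Ruby's time parser handles both timestamp styles; "-" is RFC 5424's nil value.
    time = m[:time] == '-' ? nil : Time.parse(m[:time])
  rescue ArgumentError
    return nil
  end

  f = m.named_captures
  {
    'format'   => m.regexp == RFC5424 ? 'rfc5424' : 'rfc3164',
    'time'     => time,
    'facility' => FACILITIES[pri >> 3],
    'severity' => SEVERITIES[pri & 7],
    'host'     => f['host'],
    'ident'    => f['ident'],
    'pid'      => f['pid'],
    'message'  => payload_message ? line : f['message']
  }
end

# Constructed sample lines, one per format.
NEW_LINE = "<38>1 2024-03-01T12:00:00.250Z web01.example.com sshd 4242 - - Accepted publickey for deploy"
OLD_LINE = "<13>Oct 11 22:14:15 web01 cron[311]: job finished"
[NEW_LINE, OLD_LINE].each { |l| p parse_syslog(l) } if $PROGRAM_NAME == __FILE__
```

The rfc3164 timestamp carries no year or zone, so Ruby's parser fills in the current year and the local time zone.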
Development
After checking out the repo, run bundle to install dependencies.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in fluent-plugin-newsyslog.gemspec, and then run bundle exec rake release to create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Running unit tests
This gem uses both rspec and test::unit.
Execute bundle exec rspec to run the rspec tests.
Execute bundle exec rake test to run the test::unit tests.
Contributing
- Fork it ( https://github.com/athenahealth/fluent-plugin-newsyslog/fork )
- Create your feature branch (git checkout -b my-new-feature)
- Commit your changes (git commit -am 'Add some feature')
- Push to the branch (git push origin my-new-feature)
- Create a new Pull Request