kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-05 01:45:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
916fcfd940aa0d97a22304776496adeaa82e6cce
nomad/vendor/github.com/jeromer/syslogparser/README
Diptanu Choudhury 3acc5408b0 Using godeps to build
2016-02-12 10:02:16 -08:00

94 lines
2.0 KiB
Plaintext
Raw Blame History

Syslogparser
============
This is a syslog parser for the Go programming language.
Installing
----------
go get github.com/jeromer/syslogparser
Supported RFCs
--------------
RFC 3164 : https://tools.ietf.org/html/rfc3164
RFC 5424 : https://tools.ietf.org/html/rfc5424
Not all features described in RFCs above are supported but only the most part of
it. For exaple SDIDs are not supported in RFC5424 and STRUCTURED-DATA are
parsed as a whole string.
This parser should solve 80% of use cases. If your use cases are in the 20%
remaining ones I would recommend you to fully test what you want to achieve and
provide a patch if you want.
Parsing an RFC 3164 syslog message
----------------------------------
b := "<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8"
buff := []byte(b)
p := rfc3164.NewParser(buff)
err := p.Parse()
if err != nil {
panic(err)
}
for k, v := range p.Dump() {
fmt.Println(k, ":", v)
}
You should see
timestamp : 2013-10-11 22:14:15 +0000 UTC
hostname : mymachine
tag : su
content : 'su root' failed for lonvick on /dev/pts/8
priority : 34
facility : 4
severity : 2
Parsing an RFC 5424 syslog message
----------------------------------
b := `<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"] An application event log entry...`
buff := []byte(b)
p := rfc5424.NewParser(buff)
err := p.Parse()
if err != nil {
panic(err)
}
for k, v := range p.Dump() {
fmt.Println(k, ":", v)
}
You should see
version : 1
timestamp : 2003-10-11 22:14:15.003 +0000 UTC
app_name : evntslog
msg_id : ID47
message : An application event log entry...
priority : 165
facility : 20
severity : 5
hostname : mymachine.example.com
proc_id : -
structured_data : [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"]
Running tests
-------------
make tests
Running benchmarks
------------------
make benchmarks
Reference in New Issue View Git Blame Copy Permalink