Class: LogStash::Outputs::Syslog

Inherits:
Base show all
Defined in:
lib/logstash/outputs/syslog.rb

Overview

Send events to a syslog server.

You can send messages compliant with RFC3164 or RFC5424 UDP or TCP syslog transport is supported

Constant Summary collapse

FACILITY_LABELS = 
[
  "kernel",
  "user-level",
  "mail",
  "daemon",
  "security/authorization",
  "syslogd",
  "line printer",
  "network news",
  "uucp",
  "clock",
  "security/authorization",
  "ftp",
  "ntp",
  "log audit",
  "log alert",
  "clock",
  "local0",
  "local1",
  "local2",
  "local3",
  "local4",
  "local5",
  "local6",
  "local7",
]
SEVERITY_LABELS = 
[
  "emergency",
  "alert",
  "critical",
  "error",
  "warning",
  "notice",
  "informational",
  "debug",
]

Constants included from Config::Mixin

Config::Mixin::CONFIGSORT

Instance Attribute Summary

Attributes included from Config::Mixin

#config, #original_params

Attributes inherited from Plugin

#logger, #params

Instance Method Summary collapse

Methods inherited from Base

#handle, #handle_worker, #initialize, #worker_setup, #workers_not_supported

Methods included from Config::Mixin

#config_init, included

Methods inherited from Plugin

#eql?, #finished, #finished?, #hash, #initialize, #inspect, lookup, #reload, #running?, #shutdown, #teardown, #terminating?, #to_s

Constructor Details

This class inherits a constructor from LogStash::Outputs::Base

Instance Method Details

#receive(event) ⇒ Object 



112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
 
# File 'lib/logstash/outputs/syslog.rb', line 112

def receive(event)
  return unless output?(event)

  appname = event.sprintf(@appname)
  procid = event.sprintf(@procid)
  sourcehost = event.sprintf(@sourcehost)

  facility_code = FACILITY_LABELS.index(@facility)

  severity_code = SEVERITY_LABELS.index(@severity)

  priority = (facility_code * 8) + severity_code

  if rfc3164?
    timestamp = event.sprintf("%{+MMM dd HH:mm:ss}")
    syslog_msg = "<"+priority.to_s()+">"+timestamp+" "+sourcehost+" "+appname+"["+procid+"]: "+event["message"]
  else
    msgid = event.sprintf(@msgid)
    timestamp = event.sprintf("%{+YYYY-MM-dd'T'HH:mm:ss.SSSZ}")
    syslog_msg = "<"+priority.to_s()+">1 "+timestamp+" "+sourcehost+" "+appname+" "+procid+" "+msgid+" - "+event["message"]
  end

  begin
    connect unless @client_socket
    @client_socket.write(syslog_msg + "\n")
  rescue => e
    @logger.warn(@protocol+" output exception", :host => @host, :port => @port,
               :exception => e, :backtrace => e.backtrace)
    @client_socket.close rescue nil
    @client_socket = nil
  end
end

#registerObject 



87
88
89
 
# File 'lib/logstash/outputs/syslog.rb', line 87

def register
    @client_socket = nil
end