Giters

timblair / captainslog

A Syslog Protocol Tool

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

captainslog Build Status Doc Status

Introduction

Captainslog started as an RFC3164 (Syslog) parser written to solve a specific problem: there was a breaking change in the 2.0 release of Elasticsearch that no longer allowed periods in field names. In order to support the creation of a log sanitization service for replacing characters in JSON keys within syslog messages, we created a syslog parser along with an interface for writing "mutators" - plugins for modifying syslog messages in a stream.

We are now continuing development along this path, and plan on working on a set of Inputter, Transformer, and Outputter interface implemenatations that can be used together for processing syslog messages.

Usage

package main

import (
	"fmt"
	"strings"

	"github.com/digitalocean/captainslog"
)

func main() {
	b := []byte("<191>2006-01-02T15:04:05.999999-07:00 host.example.org test: @cee:{\"my.message\": \"hello world\"}\n")
	originalMsg, err := captainslog.NewSyslogMsgFromBytes(b)
	if err != nil {
		panic(err)
	}

	replacer := strings.NewReplacer(".", "_")
	mutator := captainslog.NewJSONKeyTransformer(replacer)

	mutatedMsg, err := mutator.Transform(originalMsg)
	if err != nil {
		panic(err)
	}

	fmt.Print(mutatedMsg.String())
}

Contibution Guidelines

We use the Collective Code Construction Contract for the development of captainslog. For details, see CONTRIBUTING.md.

License

Copyright 2016 DigitalOcean

Captainslog is released under the Mozilla Public License, version 2.0

About

A Syslog Protocol Tool

License:Mozilla Public License 2.0

Languages

Language:Go 100.0%