Skip to content

Latest commit

 

History

History
123 lines (86 loc) · 4.71 KB

README.md

File metadata and controls

123 lines (86 loc) · 4.71 KB

syslog-ng module incubator

The syslog-ng module incubator (Incubator henceforth) is a collection of tools and modules for syslog-ng that for one reason or the other, are not part of the official repository. This serves both as a staging ground for experimental modules, and as a repository of plugins that are not aimed at upstream inclusion. It's also an example of a third party syslog-ng module.

NOTE: The Incubator requires syslog-ng 3.5.5 or newer, but does not work with 3.6!

Contents

  • Riemann destination: A simple, work in progress destination that allows syslog-ng to send events to the Riemann network monitoring system.

  • Lua destination: This destination is really just a wrapper, that allows one to write destination drivers in Lua, with some limitations.

  • Perl destination: This destination allows one to write destination plugins in Perl.

  • Python destination: This destination allows one to write destination plugins in Python.

  • Trigger source: A very simple example source that periodically generates a message. Useful mostly for debugging purposes.

  • Monitor source: A module similar to the trigger source, except it dispatches to a Lua function to generate the message.

  • Extra template functions: Extra template functions, such as $(//) which is floating-point division, as opposed to the built-in $(/) (integer division).

    Functions:

    • // : floating point division
    • or : returns first non-empty string
    • state : gets or sets global state from template function.
    • padding : pads a string to a specified width with specified chars.
  • $(getent) template function: A template function to look up users (by uid or name), groups or services, and retrieve some of the found properties.

  • RSS destination: A very simple destination module that allows one to offer log messages as an RSS feed.

  • Graphite output template: Template function, which renders a log message into graphite plaintext protocol format.

  • logmongource: A log visualisation tool that extracts messages from a MongoDB collection, and visualises them with Gource.

  • Kafka destination: A simple, work in progress destination that allows syslog-ng to send events to the Apache Kafka distributed queue.

Installation

Installing the modules and tools follows the usual autotools way:

$ git clone git://github.com/balabit/syslog-ng-incubator.git
$ cd syslog-ng-incubator
$ autoreconf -i
$ ./configure && make && make install

Of course, one will need all the dependencies (syslog-ng, bison, flex, riemann-c-client, libmongo-client, lua, perl, python, rdkafka; of which the latter six are optional) installed too.

License

Copyright (C) 2011-2014 BalaBit IT Security Ltd., Gergely Nagy [email protected], Viktor Tusa [email protected], and other contributors; released under the terms of the GNU General Public License, version 2 (or later).