
GSoC 2016 Proposal: WebSocket for syslog ng (krishnak9)

Krishna Kumar edited this page Mar 24, 2016 · 1 revision

Introduction

The syslog-protocol

Syslog (RFC 5424) is a protocol widely used for logging. It allows the software that generates messages, the software that stores them, and the software that reports on and analyses them to be kept separate.

What is syslog-ng OSE?

Syslog-ng is an open source implementation of the syslog protocol for Unix and Unix-like systems. Syslog-ng provides features beyond plain logging:

  1. Content based filtering.
  2. Rich filtering capabilities.
  3. Flexible configuration options.
  4. Reliable transport using TCP, with TLS encryption.

Syslog-ng can act as a client (sending logs to a central server for analysis), as a server (receiving logs from different clients), or as a relay (an intermediary between client and server).

# About Project:

## Websocket for syslog-ng

This project intends to add a websocket destination to syslog-ng. This will enable syslog-ng to send logs directly to a websocket server over the websocket protocol. The websocket protocol (RFC 6455) provides a full-duplex communication channel over a single TCP connection with less overhead, and will save time as well as data (having less overhead than HTTP).

Currently the network() driver in syslog-ng sends messages to a remote host (such as a syslog-ng server or relay) on the intranet or the internet using the BSD-syslog protocol (RFC 3164). The network driver supports sending messages using the UDP, TCP, or encrypted TLS networking protocols.

The websocket protocol can be implemented with TCP as the transport layer, and websockets can be secured using WebSocket Secure (WSS) and HTTPS/TLS, providing a fully encrypted method for continuous two-way data communication.
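The framing the paragraphs above refer to, as an added example that is not part of the original proposal and is not syslog-ng or libwebsockets code: a hypothetical C helper, `ws_client_text_frame`, wraps one log line in a masked RFC 6455 client text frame, which costs 6 to 14 bytes of overhead per message. The sample log line and the masking key are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not libwebsockets or syslog-ng API): wrap one log line
 * in a single RFC 6455 text frame as a client sends it (FIN=1, MASK=1).
 * Returns the frame length, or 0 if the output buffer is too small. */
size_t ws_client_text_frame(const char *msg, size_t len, const uint8_t mask[4],
                            uint8_t *out, size_t cap)
{
    size_t hdr = len < 126 ? 2 : (len <= 0xFFFF ? 4 : 10);

    if (cap < hdr + 4 || cap - hdr - 4 < len)
        return 0;

    out[0] = 0x80 | 0x1;                 /* FIN + opcode 0x1 (text) */
    if (hdr == 2) {
        out[1] = 0x80 | (uint8_t)len;    /* MASK bit + 7-bit length */
    } else if (hdr == 4) {
        out[1] = 0x80 | 126;             /* 16-bit extended length follows */
        out[2] = (uint8_t)(len >> 8);
        out[3] = (uint8_t)len;
    } else {
        out[1] = 0x80 | 127;             /* 64-bit extended length follows */
        for (int i = 0; i < 8; i++)
            out[2 + i] = (uint8_t)((uint64_t)len >> (56 - 8 * i));
    }
    memcpy(out + hdr, mask, 4);          /* masking key precedes the payload */
    for (size_t i = 0; i < len; i++)
        out[hdr + 4 + i] = (uint8_t)msg[i] ^ mask[i % 4];
    return hdr + 4 + len;
}

int main(void)
{
    /* Constructed RFC 5424 line; a real client draws a fresh random key per
     * frame. Masking is not encryption: confidentiality needs wss:// (TLS). */
    const char *line = "<34>1 2016-03-24T10:00:00Z host1 app - - - constructed";
    const uint8_t key[4] = {0x37, 0xfa, 0x21, 0x3d};
    uint8_t frame[256];
    size_t n = ws_client_text_frame(line, strlen(line), key, frame, sizeof frame);

    printf("%zu payload bytes, %zu framing bytes\n", strlen(line), n - strlen(line));
    return n ? 0 : 1;
}
```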

## Benefits:

  1. Providing the connection over the websocket protocol will save overhead data and provide a full-duplex communication channel over a single TCP connection.

  2. Syslog-ng as a logger daemon has to process a lot of logs, and if the logs are meant to be transported to a network destination (like a relay or server) it has to send that data to the remote server using the available protocols, currently BSD-syslog (over UDP) and reliable TCP. On an intranet (local network) there is no problem. But when sending messages through the internet, the best way is to use well-defined ports, and most of these well-defined ports are 80 (HTTP) and the HTTPS port, because many corporate firewalls block communication on anything other than a few defined ports. So using the websocket protocol over these ports will cause fewer communication and firewall issues, and the persistent connection that websocket provides is a benefit too.

NOTE: It is not necessary to explicitly use these ports to deploy the websocket server; we can use any port, as long as it has an HTTP server to start the initial websocket upgrade.

## Project's Aim:

Sample Websocket Server: A sample websocket server written in C using a library, with a configurable port, which is used to collect logs from the clients (syslog-ng as client).

Websocket destination: A configurable destination to send logs to a websocket server (in client mode); when acting as a server, it should save the logs to files for analysis, with multiple files for multiple clients so that analysis is easier.

Websocket source: A websocket source (in server mode) to collect logs from multiple clients. It should be configurable with the source IPs and the listening port. The collected logs will be stored in multiple files, one for each client, and the logs will be flushed after a certain amount of data is saved to the files to help against memory overflow.

Making the websocket secure: Using HTTPS/TLS to encrypt the websocket communication and so secure it.

## LIBRARIES/TOOLS/SKILLS Needed to accomplish the goals:

  1. Will be using the libwebsockets library to implement the websocket destination and to implement the client and server model.
  2. Will be using a C sample websocket server as well as a Ruby on Rails server using websocket-rails, a plug-and-play library, to analyse the working model.
  3. Will be using Wireshark to watch and analyse the websocket protocol packets.
  4. I will use the syslog-ng module incubator to implement the model.
  5. Will be using Git as DVCS to manage and track the changes in the code.
  6. GNU make as build utility.
  7. Will be learning more and more about the websocket protocol, implementing parsers, and how syslog-ng works in deep detail to accomplish the project.

## My skills:

Very Good Level: C and embedded C, with fluency and in-depth knowledge in implementing data structures and algorithms in C.
Linux Administration, Computer Networking, Ethical Hacking and Embedded systems (development boards such as Arduino, AVR, TELOS-B and Intel 8086 uP).
Good/Familiar: Socket programming, Ruby on Rails framework and ASP.NET with C#.

## Schedule:

### Now – 22 April

Will be getting familiar with syslog-ng and will be doing tasks assigned by the mentors.

### 23 April to May 22

Will be getting more in-depth knowledge of syslog-ng's codebase, understanding the working and the implementation of destinations and sources.

### May 24th to June 7th

  1. Will be coding for websocket destination model.
  2. Implementing a sample webserver in C or Ruby On Rails.
  3. Writing a blog post about my progress.

### June 8th to 23rd June

  1. Implementing websocket destination and checking if it is working perfectly with sample webserver.
  2. Testing it in different scenarios and ensuring that it is working fine in client mode.
  3. Making sure that it is fully configurable as expected.
  4. Writing blog about progress.

### June 24th to July 12th

  1. Implementing destination for syslog-ng as a server, which is a file destination for multiple clients.
  2. Making sure that multiple client mode is working perfectly.
  3. Running tests and analysing the errors (if any).
  4. Writing blog about progress.

### July 13th to July 26th

  1. Implementing source for syslog-ng as server to collect the logs from different clients.
  2. Testing it and amending the code if needed.
  3. Testing the whole system by making a home-made network with two to three computers, with one acting as server and the others as clients, or using a virtual environment to do so.
  4. Writing blog about progress.

### July 27th to end

  1. Implementing WebSocket Secure for the whole model.
  2. Checking for errors and testing.
  3. Getting final review from the community.
  4. Will implement the amendments as suggested by the community members.
  5. Prepare the documentation for the final implementation.
  6. Merging the project.
  7. Writing blog about progress and completion.

Note—Every week or two I will be providing a full report about my progress apart from the daily conversation that I may have with the mentors.

# About Me:

I am Krishna Kumar, a second year student pursuing Btech in Electronics and Communication Engineering from Indian Institute of Information Technology, Allahabad, India. I am a good programmer as well as an Electronics and Networking enthusiast. I would like to work with the syslog-ng OSE community project "Websocket for Syslog-ng" under the GSOC-16 program. I have very good experience in C, writing data structures and algorithms. Moreover, I also have good experience in Electronics and Networking development, the product of being an Electronics and Communication Engineer. I have worked with many IOT devices, web frameworks and even ethical hacking. I have quite some expertise in the Linux environment, as I have worked with many distros like Debian-based, Arch-based, Red Hat etc.

## My motivation:

My motivation for this project will be learning new concepts and technology protocols like websocket and syslog. Working with the source code of a very big project will provide me an insight into the world of open source software development.

## Other Commitments:

I don't have any other commitments, but who knows, there may be some small unplanned works, but those won't be a problem because these works won't take more than 1 or 2 days.

## Contact Me:

Name: Krishna Kumar
Github: krishnak9
My Email: krishnaklooper@gmail.com
My Website: www.krishnaklooper.com
