Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added parser for Linux kernel netfilter firewall log #8778

Merged
merged 2 commits into from
Jun 25, 2024
Merged

Added parser for Linux kernel netfilter firewall log #8778

merged 2 commits into from
Jun 25, 2024

Conversation

protohuf
Copy link
Contributor

@protohuf protohuf commented Apr 30, 2024
edited
Loading

Adds a parser for Linux kernel netfilter firewall log messages. Applying this parser on the /var/log/kern.log will extract firewall logs

Testing
Before we can approve your change; please submit the following in a comment:

  • Example configuration file for the change
  • Debug log output from testing the change
pipeline:
  inputs:
    - name: tail
      tag: firewall
      path: /var/log/kern.log
      parser: kmsg-netfilter-log
  outputs:
    - name: stdout
  • Attached Valgrind output that shows no leaks or memory corruption was found

Documentation

  • Documentation required for this feature

Backporting

  • Backport to latest stable release.

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

edsiper
edsiper requested changes May 15, 2024
View reviewed changes
conf/parsers.conf Show resolved Hide resolved
@edsiper edsiper added this to the Fluent Bit v3.0.4 milestone May 15, 2024
@protohuf protohuf requested a review from edsiper May 16, 2024 17:59
@edsiper
Copy link
Member

edsiper commented May 29, 2024

Please sign off the commits (DCO error)

@protohuf
Added parser for Linux kernel netfilter firewall log
e48ec00 
Signed-off-by: Marcus Hufvudsson <mh@protohuf.com>
@protohuf
Added 2 rubular examples (TCP and UDP), also fixed a minor bug with
51137f0 
parsing the RES= field

Signed-off-by: Marcus Hufvudsson <mh@protohuf.com>
@protohuf
Copy link
Contributor Author

protohuf commented May 29, 2024
edited
Loading

@edsiper Missed the signed-off requirement in this project, sorry about that. It's fixed now

@edsiper edsiper merged commit fe988b1 into fluent:master Jun 25, 2024
33 of 34 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Jul 9, 2024
Closed
@protohuf protohuf deleted the parser_kmsg_netfilter_log branch September 11, 2024 20:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leonardo-albertovich leonardo-albertovich Awaiting requested review from leonardo-albertovich leonardo-albertovich is a code owner

@fujimotos fujimotos Awaiting requested review from fujimotos fujimotos is a code owner

@koleini koleini Awaiting requested review from koleini koleini is a code owner

@edsiper edsiper Awaiting requested review from edsiper edsiper is a code owner

Assignees
No one assigned
Labels
docs-required
Projects
None yet
Milestone
Fluent Bit v3.1.0
Development

Successfully merging this pull request may close these issues.
3 participants
@protohuf @edsiper @lecaros