syslog compatible server type

[arkady-emelyanov]

PoC proposal.

While it's quite handy to have file ip cluster type, still, it's more for debugging purposes rather then permanent solution.
When dealing with legacy systems, it's quite handy to be able to analyse sources of incoming metrics. Syslog format widely supported and quite easy to re-route and parse (Logstash for a example).

Rather than make new cluster type and dealing with complexity of yacc/bison stuff, i'd suggest to utilise either server->type or server->transport for dealing with syslog envelope (in this PoC, I using connection type: server->type.

Sample configuration file:

cluster test
    forward
        127.0.0.1:2020 proto udp type syslog
        127.0.0.1:2021 proto udp
    ;


match *
    send to test
    ;

Sample output for syslog receiver:
<30>Apr 11 13:25:30 127.0.0.1 crelay: hello.world 1 123456789

Implementation details:

• Syslog facility is hardcoded to be 3 (system daemons)
• Syslog severity is hardcoded to be 6 (INFO)
• Hostname is set to metric source address
• Application name is hardcoded to be crelay.

I'd also noticed that in case of udp receiver, source address is empty, which is result of getpeername call on udp socket (which is obviously empty, due the nature of udp protocol).

Please advice, can such solution to be adopted and accepted into mainline? I'd made a separate commit without autogenerated changes to demonstrate proposed approach: arkady-emelyanov@57fea4d

Thanks.

[grobian]

Using type for this makes sense to me (the other type that was planned was "pickle" or "protobuf", so syslog would work fine).

Thanks for your patch, I'll have a look at it in detail later, I'm sure we can get something working like this.