
slog-syslog5424 - implementation of RFC5424 for slog


This crate provides a way for slog to format its structured messages into the syslog 5424 format which preserves structure. The output is written to a type provided by the user that implements the Write trait.

For the underlying syslog5424 crate, check here.

Notes

  • Should almost always be used with slog-async to avoid slowing down the main thread
  • When sending to remote syslog servers (like InfluxDB) the format should be set to RFC5425 to include the length in the message. A TLS writer should ideally also be used.
  • When logging directly to a remote syslog server you may find slog-retry useful.
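
The length prefix that the RFC5425 write format adds, as an added std-only example (not code from this crate; `frame`, `deframe`, `max_len` and the sample messages are constructed for illustration). Octet counting, `MSG-LEN SP SYSLOG-MSG`, lets a receiver split a TCP stream into messages even when one contains a newline, and a length cap bounds what a peer can make the receiver buffer:

```rust
// Added example (std only); names and sample messages are constructed for illustration.

/// Prefix a formatted RFC 5424 message with its length in octets.
pub fn frame(msg: &str) -> Vec<u8> {
    let mut out = format!("{} ", msg.len()).into_bytes();
    out.extend_from_slice(msg.as_bytes());
    out
}

/// Split a received buffer into complete messages. Returns the messages and
/// the number of bytes consumed; a trailing partial frame is left unread.
/// `max_len` bounds what a peer can make the receiver buffer.
pub fn deframe(buf: &[u8], max_len: usize) -> Result<(Vec<String>, usize), String> {
    let (mut msgs, mut pos) = (Vec::new(), 0);
    while pos < buf.len() {
        let rest = &buf[pos..];
        let sp = match rest.iter().position(|&b| b == b' ') {
            Some(i) => i,
            None if rest.len() > 10 => return Err("length prefix too long".into()),
            None => break, // length prefix not fully received yet
        };
        let digits = &rest[..sp];
        // RFC 5425: MSG-LEN = NONZERO-DIGIT *DIGIT
        if digits.is_empty() || digits[0] == b'0' || !digits.iter().all(u8::is_ascii_digit) {
            return Err("malformed MSG-LEN".into());
        }
        let len: usize = std::str::from_utf8(digits)
            .unwrap() // ASCII digits are valid UTF-8
            .parse()
            .map_err(|_| "MSG-LEN overflows usize".to_string())?;
        if len > max_len {
            return Err(format!("frame of {} octets exceeds limit {}", len, max_len));
        }
        let body = &rest[sp + 1..];
        if body.len() < len { break; } // message body not fully received yet
        msgs.push(String::from_utf8_lossy(&body[..len]).into_owned());
        pos += sp + 1 + len;
    }
    Ok((msgs, pos))
}

fn main() {
    // Constructed messages; the second carries an embedded newline.
    let a = "<14>1 2024-01-01T00:00:00Z 192.0.2.1 myapp 8710 - - service started";
    let b = "<12>1 2024-01-01T00:00:01Z 192.0.2.1 myapp 8710 - - tls disabled!\nretrying";
    let mut stream = frame(a);
    stream.extend(frame(b));
    println!("{:?}", deframe(&stream, 8192));
}
```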

Crate Documentation

Building formatting struct: https://docs.rs/syslog5424

slog implementation: https://docs.rs/slog-syslog5424

Examples

Basic logging to stderr

#[macro_use]
extern crate slog;
extern crate slog_syslog5424;

use slog_syslog5424::{Facility, Rfc5424Builder, Rfc5424Writer, WriteFormat};

use slog::Drain;
use std::sync::Mutex;

fn main() {
    let w = std::io::stderr();

    let formatter = Rfc5424Builder::new("enterprise_id", Facility::User)
        .app_name("myapp")
        .expect("invalid app name")
        .hostname("192.0.2.1")
        .expect("invalid hostname")
        .pid("8710")
        .expect("invalid pid")
        .write_format(WriteFormat::RFC5424)
        .build();

    let rfc5424_writer = Rfc5424Writer::new(w, formatter);

    let root = slog::Logger::root(
        Mutex::new(rfc5424_writer).map(slog::Fuse),
        o!("version" => env!("CARGO_PKG_VERSION")),
    );

    info!(root, "service started");
    let sub_log = root.new(o!("address" => "example.com", "port" => "54201"));
    warn!(sub_log, "tls disabled!");
    info!(sub_log, "starting download");
    info!(sub_log, "download complete");
}

Logging to InfluxDB

  • Download InfluxDB sandbox: https://github.com/influxdata/sandbox
  • Configure telegraf to enable syslog input:
    • In sandbox-master/telegraf/telegraf.conf, add the following:
      [[inputs.syslog]]
        server = "tcp://:6514"
    • In sandbox-master/docker-compose.yml, modify the ports exposed for the telegraf container:
      telegraf:
        # Full tag list: https://hub.docker.com/r/library/telegraf/tags/
        image: telegraf:latest
        environment:
          HOSTNAME: "telegraf-getting-started"
        # Telegraf requires network access to InfluxDB
        links:
          - influxdb
        volumes:
          # Mount for telegraf configuration
          - ./telegraf/:/etc/telegraf/
          # Mount for Docker API access
          - /var/run/docker.sock:/var/run/docker.sock
        ports:
          - "6514:6514/tcp"
        depends_on:
          - influxdb
  • Start containers: ./sandbox up
  • Modify previous example code to use TcpStream AND format in RFC5425:
#[macro_use]
extern crate slog;
extern crate slog_syslog5424;

use slog_syslog5424::{Facility, Rfc5424Builder, Rfc5424Writer, WriteFormat};

use slog::Drain;
use std::sync::Mutex;
use std::net::TcpStream;

fn main() {
    let w = TcpStream::connect("127.0.0.1:6514").unwrap();

    let formatter = Rfc5424Builder::new("enterprise_id", Facility::User)
        .app_name("myapp")
        .expect("invalid app name")
        .hostname("192.0.2.1")
        .expect("invalid hostname")
        .pid("8710")
        .expect("invalid pid")
        .write_format(WriteFormat::RFC5425) // telegraf only likes 5425
        .build();

    let rfc5424_writer = Rfc5424Writer::new(w, formatter);

    let root = slog::Logger::root(
        Mutex::new(rfc5424_writer).map(slog::Fuse),
        o!("version" => env!("CARGO_PKG_VERSION")),
    );

    info!(root, "service started");
    let sub_log = root.new(o!("address" => "example.com", "port" => "54201"));
    warn!(sub_log, "tls disabled!");
    info!(sub_log, "starting download");
    info!(sub_log, "download complete");
}

chronograf results

OS support

The crate doesn't use any OS-specific controls, so it should work on everything. Just substitute the required writer for your system.

License

MIT