Add syslog parser

[eliaskosunen]

This PR expands the syslog format already implemented, to add support for RFC 3164 -compliant(ish) syslogs, called legacy_syslog in the code. RFC 5424 support was already implemented.

Alongside that, a syslog plugin is added, which can be used to parse syslogs as a part of a pipeline.

# RFC 5424 (schema = syslog.rfc5424):
$ echo "<30>1 2020-03-02T19:44:50.224836+01:00 parallels-Parallels-Virtual-Platform packagekitd 1370 - -  Parent finished..."
  | tenzir 'from stdin read syslog'
{
  "facility": 3,
  "severity": 6,
  "version": 1,
  "ts": "2020-03-02T18:44:50.224835",
  "hostname": "parallels-Parallels-Virtual-Platform",
  "app_name": "packagekitd",
  "process_id": "1370",
  "message_id": "",
  "message": " Parent finished..."
}


# RFC 3164 (schema = syslog.rfc3164):
$ echo "Nov 16 14:55:56 mymachine/10.1.1.16 PROGRAM: Freeform message"
  | tenzir 'from stdin read syslog'
{
  "facility": null,
  "severity": null,
  "timestamp": "Nov 16 14:55:56",
  "host": "mymachine/10.1.1.16",
  "tag": "PROGRAM",
  "content": "Freeform message"
}

# Malformed (schema = syslog.unknown):
$ echo "foobar" | tenzir 'from stdin read syslog'
{
  "syslog_message": "foobar"
}

Possible extensions (to do here, or in a separate PR):

• Specify RFC version as an argument (note, that 3164 and 5424 are never ambiguous, and can always be separated)
• Opt-in to require well-formed input
• Parse timestamp into an actual datetime (Probably opt-in, with an option to specify the year)

[eliaskosunen]

I'll still need to add a changelog entry, and a new format to the docs.

[jachris]

Thank you for continuing this 🙏 Below are just some first reactions.