Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Updated README.mkd to include logsandra sink.

  • Loading branch information...
commit 58e1d9ced9d20375d69d44bebe19c920383b4d57 1 parent d821684
@thobbs authored
Showing with 68 additions and 2 deletions.
  1. +68 −2 README.mkd
View
70 README.mkd
@@ -20,7 +20,7 @@ flume-site.xml.template and removing the body of the file) to include:
<configuration>
<property>
<name>flume.plugin.classes</name>
- <value>org.apache.cassandra.plugins.SimpleCassandraSink</value>
+ <value>org.apache.cassandra.plugins.SimpleCassandraSink,org.apache.cassandra.plugins.LogsandraSyslogSink</value>
<description>Comma separated list of plugin classes</description>
</property>
</configuration>
@@ -43,7 +43,12 @@ Usage
This plugin primarily targets log storage right now.
-The Cassandra sink requires four arguments for its constructor:
+There are two sinks available for use: the SimpleCassandraSink and
+the LogsandraSyslogSink.
+
+### Simple Cassandra Sink
+
+The Simple Cassandra Sink requires four arguments for its constructor:
1. A keyspace (String). For example, 'Keyspace1'.
2. A column family name (String) for storing data in.
@@ -73,3 +78,64 @@ This allows you to easily fetch all logs for a slice of time. Simply use
something like get_slice() on the index column family to get the uuids you
want for a particular slice of time, and then multiget the data column
family using those uuids as the keys.
+
+The constructor string for this sink is "simpleCassandraSink".
+
+### Logsandra Syslog Sink
+
+The Logsandra Syslog Sink allows syslog messages to be stored in Cassandra
+in a way that Logsandra can make use of them. You can find Logsandra
+here:
+
+[http://github.com/jbohman/logsandra](http://github.com/jbohman/logsandra)
+
+The Logsandra Syslog Sink accepts a list of "host:port" for its constructor.
+
+Cassandra must be configured to already have a 'logsandra' keyspace with two
+column families named 'entries' and 'by_date'. They should similar to this
+in a cassandra.yaml:
+
+ keyspaces:
+ - name: logsandra
+ replica_placement_strategy: org.apache.cassandra.locator.RackUnawareStrategy
+ replication_factor: 1
+ column_families:
+
+ - name: entries
+ compare_with: BytesType
+
+ - name: by_date
+ compare_with: LongType
+
+This sink happily accepts input from a syslog source, such as syslogTcp or syslogUdp.
+
+The constructor string for this sink is "logsandraSyslogSink".
+
+In Logsandra, you may query by the following fields:
+
+ - The source, which is a hostname or IP. Example: "127.0.0.1"
+ - The syslog facility. Can be:
+ "kernel",
+ "user",
+ "mail",
+ "system",
+ "sec/auth",
+ "syslog",
+ "lpr",
+ "news",
+ "uucp",
+ "clock",
+ "sec/auth",
+ "ftp",
+ "ntp",
+ "log audit",
+ "log alert",
+ "clock",
+ "local0", "local1", "local2", "local3",
+ "local4", "local5", "local6", "local7"
+ - The syslog severity. Can be:
+ - DEBUG
+ - INFO
+ - WARN
+ - ERROR
+ - FATAL
Please sign in to comment.
Something went wrong with that request. Please try again.