UNPKG

nsyslog

Version:

Modular new generation log agent. Reads, transform, aggregate, correlate and send logs from sources to destinations

github.com/solzimer/nsyslog

solzimer/nsyslog

84 lines (73 loc) 2.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
## Syslog Input Syslog input places a server that listens for syslog messages. It supports several transport protocols, but does not parse the received lines. If you want to do syslog parsing, you can use the [syslog parser processor](../processors/syslogparser.md). ## Examples UDP Syslog server with buffer flow control ```json "inputs" : { "syslog" : { "type" : "syslog", "maxPending" : 1000, "buffer" : true, "config" : { "url" : "udp://0.0.0.0:514" } } } ``` TCP Syslog server without buffer flow control ```json "inputs" : { "syslog" : { "type" : "syslog", "maxPending" : 1000, "buffer" : false, "config" : { "url" : "tcp://0.0.0.0:514" } } } ``` Secure TLS Syslog server with private key and certificate ```json "inputs" : { "syslog" : { "type" : "syslog", "maxPending" : 1000, "config" : { "url" : "tls://0.0.0.0:1514", "tls" : { "key" : "./config/server.key", "cert" : "./config/server.crt", "rejectUnauthorized" : false } } } } ``` ## Configuration parameters * **url** : Server URL bind pattern. Takes the form of *&lt;protocol&gt;://&lt;bind host&gt;:&lt;bind port&gt;*. Allowed protocols are: **udp**, **udp6**, **tcp**, **tcp6**, **tls**, and **tls6**. * **maxPending** : Maximum number of pending messages in the buffer. Defaults to `1000`. * **buffer** : Boolean. If `true`, enables buffering of incoming messages. * **tls** : Object passed to the TLS server socket, as described in [NodeJS documentation](https://nodejs.org/api/tls.html#tls_tls_createsecurecontext_options). Includes: - **key** : Path to the private key file. - **cert** : Path to the certificate file. - **rejectUnauthorized** : Boolean. If `false`, allows self-signed certificates. ## Output Each syslog message will generate an object with the following schema: ```javascript { id : '<input ID>', type : 'syslog', timestamp : Date.now(), originalMessage : '<syslog message>', server : { protocol : '<bind protocol>', port : '<bind port>', host : '<bind host>' }, client : { address : '<client address>', port : '<client port>' // Added client port for completeness } } ```