Categorygithub.com/honeycombio/honeytailparserssyslog
package
1.10.0
Repository: https://github.com/honeycombio/honeytail.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
10
Dependents
1
Files
157 SLOC

# README

syslog parser

Example CLI usage (from honeytail root)

honeytail -p syslog -k $HONEYTAIL_WRITEKEY \
  -f /var/log/auth.log \
  --dataset 'MY_TEST_DATASET' \
  --syslog.mode 'rfc5424'

Log Formatting

You will need to configure your syslog daemon to use the right format. For example, to use RFC5424 with rsyslog, set the following in your /etc/rsyslog.conf.

$ActionFileDefaultTemplate RSYSLOG_SyslogProtocol23Format

RFC5424

RFC Text

Example line

<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"] An application event log entry...

RFC3164

RFC Text

Example line

<34>Oct 11 22:14:15 mymachine su: 'su root' failed for user on /dev/pts/8

# Functions

NewSyslogLineParser factory.

# Structs

Options defines the options relevant to the syslog parser.
Parser implements the Parser interface.
No description provided by the author