input

package

v1.0.0 Latest Latest Go to latest Published: Apr 10, 2016 License: MIT Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/aclisp/ekanite

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
type ApacheCommonFormat
type Collector
- func NewCollector(proto, iface string, tlsConfig *tls.Config) Collector
type Delimiter
- func NewDelimiter(maxSize int) *Delimiter
- func (self *Delimiter) Push(b byte) (string, bool)
- func (self *Delimiter) Vestige() (string, bool)
type Event
- func NewEvent() *Event
- func (e *Event) ReferenceTime() time.Time
type RFC5424Message
type RFC5424Parser
- func NewRFC5424Parser() *RFC5424Parser
- func (p *RFC5424Parser) Parse(raw string) *RFC5424Message
type TCPCollector
- func (s *TCPCollector) Addr() net.Addr
- func (s *TCPCollector) Start(c chan<- *Event) error
type UDPCollector
- func (s *UDPCollector) Addr() net.Addr
- func (s *UDPCollector) Start(c chan<- *Event) error

Constants ¶

View Source

const (
	SYSLOG_DELIMITER = `<[0-9]{1,3}>[0-9]\s`
)

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ApacheCommonFormat ¶

type ApacheCommonFormat struct {
	URL        string
	Referer    string
	Method     string
	StatusCode int
}

type Collector ¶

type Collector interface {
	Start(chan<- *Event) error
	Addr() net.Addr
}

Collector specifies the interface all network collectors must implement.

func NewCollector ¶

func NewCollector(proto, iface string, tlsConfig *tls.Config) Collector

NewCollector returns a network collector of the specified type, that will bind to the given inteface on Start(). If config is non-nil, a secure Collector will be returned. Secure Collectors require the protocol be TCP.

type Delimiter ¶

type Delimiter struct {
	// contains filtered or unexported fields
}

A Delimiter detects when Syslog lines start.

func NewDelimiter ¶

func NewDelimiter(maxSize int) *Delimiter

NewDelimiter returns an initialized Delimiter.

func (*Delimiter) Push ¶

func (self *Delimiter) Push(b byte) (string, bool)

Push a byte into the Delimiter. If the byte results in a a new Syslog message, it'll be flagged via the bool.

func (*Delimiter) Vestige ¶

func (self *Delimiter) Vestige() (string, bool)

Vestige returns the bytes which have been pushed to Delimiter, since the last Syslog message was returned, but only if the buffer appears to be a valid syslog message.

type Event ¶

type Event struct {
	Text          string          // Delimited log line
	Parsed        *RFC5424Message // If non-nil, contains parsed fields
	ReceptionTime time.Time       // Time log line was received
	Sequence      int64           // Provides order of reception
	SourceIP      string          // Sender's IP address
	// contains filtered or unexported fields
}

Event is a log message, with a reception timestamp and sequence number.

func NewEvent ¶

func NewEvent() *Event

NewEvent retuns a new Event.

func (*Event) ReferenceTime ¶

func (e *Event) ReferenceTime() time.Time

ReferenceTime returns the reference time of an event.

type RFC5424Message ¶

type RFC5424Message struct {
	Priority  int    `json:"priority"`
	Version   int    `json:"version"`
	Timestamp string `json:"timestamp"`
	Host      string `json:"host"`
	App       string `json:"app"`
	Pid       int    `json:"pid"`
	MsgId     string `json:"msgid"`
	Message   string `json:"message"`
}

RFC5424Message represents a fully parsed Syslog RFC5424 message.

type RFC5424Parser ¶

type RFC5424Parser struct {
	// contains filtered or unexported fields
}

A RFC5424Parser parses Syslog messages.

func NewRFC5424Parser ¶

func NewRFC5424Parser() *RFC5424Parser

Returns an initialized RFC5424Parser.

func (*RFC5424Parser) Parse ¶

func (p *RFC5424Parser) Parse(raw string) *RFC5424Message

Parse takes a raw message and returns a parsed message. If no match, nil is returned.

type TCPCollector ¶

type TCPCollector struct {
	// contains filtered or unexported fields
}

TCPCollector represents a network collector that accepts and handler TCP connections.

func (*TCPCollector) Addr ¶

func (s *TCPCollector) Addr() net.Addr

Addr returns the net.Addr that the Collector is bound to, in a race-say manner.

func (*TCPCollector) Start ¶

func (s *TCPCollector) Start(c chan<- *Event) error

Start instructs the TCPCollector to bind to the interface and accept connections.

type UDPCollector ¶

type UDPCollector struct {
	// contains filtered or unexported fields
}

UDPCollector represents a network collector that accepts UDP packets.

func (*UDPCollector) Addr ¶

func (s *UDPCollector) Addr() net.Addr

Addr returns the net.Addr to which the UDP collector is bound.

func (*UDPCollector) Start ¶

func (s *UDPCollector) Start(c chan<- *Event) error

Start instructs the UDPCollector to start reading packets from the interface.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL