Documentation
¶
Index ¶
Constants ¶
const (
// SYSLOG_DELIMITER indicates the start of a syslog line
SYSLOG_DELIMITER = `<[0-9]{1,3}>[0-9]\s`
)
Variables ¶
This section is empty.
Functions ¶
func ValidFormat ¶ added in v1.1.0
ValidFormat returns if the given format matches one of the possible formats.
Types ¶
type Collector ¶
Collector specifies the interface all network collectors must implement.
func NewCollector ¶
NewCollector returns a network collector of the specified type, that will bind to the given inteface on Start(). If config is non-nil, a secure Collector will be returned. Secure Collectors require the protocol be TCP.
type Event ¶
type Event struct {
Text string // Delimited log line
Parsed map[string]interface{} // If non-nil, contains parsed fields
ReceptionTime time.Time // Time log line was received
Sequence int64 // Provides order of reception
SourceIP string // Sender's IP address
// contains filtered or unexported fields
}
Event is a log message, with a reception timestamp and sequence number.
func (*Event) ReferenceTime ¶
ReferenceTime returns the reference time of an event.
type NetstrDelimiter ¶ added in v1.1.0
type NetstrDelimiter struct {
Result string
// contains filtered or unexported fields
}
A NetstrDelimiter detects when message lines start.
func NewNetstrDelimiter ¶ added in v1.1.0
func NewNetstrDelimiter() *NetstrDelimiter
NewNetstrDelimiter returns an initialized NetstrDelimiter.
func (*NetstrDelimiter) Push ¶ added in v1.1.0
func (d *NetstrDelimiter) Push(b byte) (bool, error)
Push the given byte into a buffer, return when a new result is available, as well as the first occurring error (if any occurred).
func (*NetstrDelimiter) Reset ¶ added in v1.1.0
func (d *NetstrDelimiter) Reset()
Reset the NetstrDelimiter instance to its initial state.
type Parser ¶ added in v1.1.0
type Parser struct {
Raw []byte
Result map[string]interface{}
// contains filtered or unexported fields
}
A Parser parses the raw input as a map with a timestamp field.
type RFC5424 ¶ added in v1.1.0
type RFC5424 struct {
// contains filtered or unexported fields
}
RFC5424 represents a parser for RFC5424-compliant log messages
type SyslogDelimiter ¶ added in v1.1.0
type SyslogDelimiter struct {
// contains filtered or unexported fields
}
A SyslogDelimiter detects when Syslog lines start.
func NewSyslogDelimiter ¶ added in v1.1.0
func NewSyslogDelimiter(maxSize int) *SyslogDelimiter
NewSyslogDelimiter returns an initialized SyslogDelimiter.
func (*SyslogDelimiter) Push ¶ added in v1.1.0
func (s *SyslogDelimiter) Push(b byte) (string, bool)
Push a byte into the SyslogDelimiter. If the byte results in a a new Syslog message, it'll be flagged via the bool.
func (*SyslogDelimiter) Vestige ¶ added in v1.1.0
func (s *SyslogDelimiter) Vestige() (string, bool)
Vestige returns the bytes which have been pushed to SyslogDelimiter, since the last Syslog message was returned, but only if the buffer appears to be a valid syslog message.
type TCPCollector ¶
type TCPCollector struct {
// contains filtered or unexported fields
}
TCPCollector represents a network collector that accepts and handler TCP connections.
func (*TCPCollector) Addr ¶
func (s *TCPCollector) Addr() net.Addr
Addr returns the net.Addr that the Collector is bound to, in a race-say manner.
func (*TCPCollector) Start ¶
func (s *TCPCollector) Start(c chan<- *Event) error
Start instructs the TCPCollector to bind to the interface and accept connections.
type UDPCollector ¶
type UDPCollector struct {
// contains filtered or unexported fields
}
UDPCollector represents a network collector that accepts UDP packets.
func (*UDPCollector) Addr ¶
func (s *UDPCollector) Addr() net.Addr
Addr returns the net.Addr to which the UDP collector is bound.
func (*UDPCollector) Start ¶
func (s *UDPCollector) Start(c chan<- *Event) error
Start instructs the UDPCollector to start reading packets from the interface.
Source Files