papertrail

package
v1.33.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 10, 2025 License: MIT Imports: 7 Imported by: 11

README

papertrail webhooks

Enables Telegraf to act as a Papertrail Webhook.

Events

Full documentation.

Events from Papertrail come in two forms:

  • The event-based callback:

    • A point is created per event, with the timestamp as received_at
    • Each point has a field counter (count), which is set to 1 (signifying the event occurred)
    • Each event "hostname" object is converted to a host tag
    • The "saved_search" name in the payload is added as an event tag
    • The "saved_search" id in the payload is added as a search_id field
    • The papertrail url to view the event is built and added as a url field
    • The rest of the data in the event is converted directly to fields on the point:
      • id
      • source_ip
      • source_name
      • source_id
      • program
      • severity
      • facility
      • message

When a callback is received, an event-based point will look similar to:

papertrail,host=myserver.example.com,event=saved_search_name count=1i,source_name="abc",program="CROND",severity="Info",source_id=2i,message="message body",source_ip="208.75.57.121",id=7711561783320576i,facility="Cron",url="https://papertrailapp.com/searches/42?centered_on_id=7711561783320576",search_id=42i 1453248892000000000
  • The count-based callback

    • A point is created per timeseries object per count, with the timestamp as the "timeseries" key (the unix epoch of the event)
    • Each point has a field counter (count), which is set to the value of each "timeseries" object
    • Each count "source_name" object is converted to a host tag
    • The "saved_search" name in the payload is added as an event tag

When a callback is received, a count-based point will look similar to:

papertrail,host=myserver.example.com,event=saved_search_name count=3i 1453248892000000000

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Count

type Count struct {
	SourceName string            `json:"source_name"`
	SourceID   int64             `json:"source_id"`
	TimeSeries *map[int64]uint64 `json:"timeseries"`
}

type Event

type Event struct {
	ID                int64     `json:"id"`
	ReceivedAt        time.Time `json:"received_at"`
	DisplayReceivedAt string    `json:"display_received_at"`
	SourceIP          string    `json:"source_ip"`
	SourceName        string    `json:"source_name"`
	SourceID          int       `json:"source_id"`
	Hostname          string    `json:"hostname"`
	Program           string    `json:"program"`
	Severity          string    `json:"severity"`
	Facility          string    `json:"facility"`
	Message           string    `json:"message"`
}

type PapertrailWebhook

type PapertrailWebhook struct {
	Path string

	auth.BasicAuth
	// contains filtered or unexported fields
}

func (*PapertrailWebhook) Register

func (pt *PapertrailWebhook) Register(router *mux.Router, acc telegraf.Accumulator, log telegraf.Logger)

type Payload

type Payload struct {
	Events      []*Event     `json:"events"`
	Counts      []*Count     `json:"counts"`
	SavedSearch *SavedSearch `json:"saved_search"`
	MaxID       string       `json:"max_id"`
	MinID       string       `json:"min_id"`
}

type SavedSearch

type SavedSearch struct {
	ID        int64  `json:"id"`
	Name      string `json:"name"`
	Query     string `json:"query"`
	EditURL   string `json:"html_edit_url"`
	SearchURL string `json:"html_search_url"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL