Ejemplo n.º 1
0
func (c *Connection) Send(parsed *syslog.Graylog2Parsed) (err error) {
	encoded, err := json.Marshal(parsed)
	utils.Check(err, "Unable to encode json")
	if err != nil {
		return err
	}

	msg := amqp.Publishing{
		DeliveryMode: amqp.Persistent,
		Timestamp:    time.Now(),
		ContentType:  "text/plain",
		Body:         []byte(encoded),
		Expiration:   c.Expiration,
	}

	c.mu.Lock()
	defer c.mu.Unlock()
	if c.pub != nil {
		err = c.pub.Publish(c.Queue, c.Queue, false, false, msg)
		if err != nil {
			utils.Check(err, "Unable to publish message")
		}
	}

	return err
}
Ejemplo n.º 2
0
func setup(uri, queue string) (*amqp.Connection, *amqp.Channel, error) {
	conn, err := amqp.Dial(uri)
	if err != nil {
		utils.Check(err, "Unable to connect to broker")
		return nil, nil, err
	}

	pub, err := conn.Channel()
	if err != nil {
		utils.Check(err, "Unable to acquire channel")
		return nil, nil, err
	}

	err = pub.ExchangeDeclare(queue, "direct", true, true, false, false, nil)
	if err != nil {
		utils.Check(err, "Unable to declare exchange")
		return nil, nil, err
	}

	_, err = pub.QueueDeclare(queue, true, false, false, false, nil)
	if err != nil {
		utils.Check(err, "Unable to declare queue")
		return nil, nil, err
	}

	err = pub.QueueBind(queue, queue, queue, false, nil)
	if err != nil {
		utils.Check(err, "Unable to bind queue")
		return nil, nil, err
	}

	return conn, pub, nil
}
Ejemplo n.º 3
0
func Graylog2ParseLog(line string, remote_addr string) Graylog2Parsed {
	parsed := Graylog2Parsed{}
	now := time.Now()
	parsed.Timestamp = now.Unix()
	parsed.Version = "1.0"
	if strings.Contains(remote_addr, "127.0.0.1") {
		hostname, err := os.Hostname()
		utils.CheckPanic(err, fmt.Sprintf("Unable to get my hostname"))
		parsed.Host = hostname
	} else {
		parsed.Host = remote_addr
	}

	lvl := LvlRegex.FindStringSubmatch(line)
	if len(lvl) >= 2 {
		i, err := strconv.Atoi(lvl[1])
		utils.Check(err, fmt.Sprintf("Unable to convert %s to int", i))
		parsed.Facility = strings.Title(Facility[i/8])
		parsed.Level = i % 8
		parsed.ShortMessage = strings.TrimRight(lvl[2], "\u0000")
	} else {
		parsed.Facility = "Syslog"
		parsed.Level = 6
		parsed.ShortMessage = strings.TrimRight(line, "\u0000")
	}
	return parsed
}
Ejemplo n.º 4
0
func main() {
	flag.Parse()
	var err error
	var conn broker.Connection

	config_file := os.Getenv("GOGIX_CONF")
	if strings.TrimSpace(config_file) == "" {
		config_file = "/etc/gogix/gogix.conf"
	}

	Cfg, err = goconfig.ReadConfigFile(config_file)
	utils.CheckPanic(err, "File not found")

	bind_addr, err := Cfg.GetString("server", "bind_addr")
	utils.CheckPanic(err, "Unable to get bind_addr from gogix.conf")
	conn.Queue, err = Cfg.GetString("transport", "queue")
	utils.CheckPanic(err, "Unable to get queue from gogix.conf")
	conn.Uri, err = Cfg.GetString("transport", "uri")
	utils.CheckPanic(err, "Unable to get transport from gogix.conf")
	conn.Expiration, err = Cfg.GetString("transport", "message_ttl")
	utils.CheckPanic(err, "Unable to get message_ttl from gogix.conf")
	addr, err := net.ResolveUDPAddr("udp", bind_addr)
	utils.CheckPanic(err, "Unable to resolve bind address")
	l, err := net.ListenUDP("udp", addr)
	utils.CheckPanic(err, fmt.Sprintf("Unable to bind %s", addr))

	if *debug == true {
		fmt.Printf("Setting-Up Broker %s\n", conn.Uri)
	}
	conn.SetupBroker()
	go conn.ReconnectOnClose()

	for {
		recv := make([]byte, 1024)
		_, remote_addr, err := l.ReadFromUDP(recv)
		utils.Check(err, "Problem receiving data")
		fmt.Println(recv)
		if err == nil {
			ip := fmt.Sprintf("%s", remote_addr.IP)
			go handle_data(string(recv), conn, ip)
		}
	}

	conn.Close()
}