func ExampleNewParser() {
b := "<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8"
buff := []byte(b)
p := rfc3164.NewParser(buff)
err := p.Parse()
if err != nil {
panic(err)
}
fmt.Println(p.Dump())
}
func (s *concreteServer) handleConnection(conn net.Conn, callback CallbackFunc) {
defer func() {
if err := conn.Close(); err != nil {
s.logger.Error(concreteServerLogTag, "Failed to close connection: %s", err.Error())
}
}()
scanner := bufio.NewScanner(conn)
for scanner.Scan() {
bytes := scanner.Bytes()
p := rfc3164.NewParser(bytes)
err := p.Parse()
if err != nil {
s.logger.Error(
concreteServerLogTag,
"Failed to parse syslog message: %s error: %s",
string(bytes), err.Error(),
)
continue
}
content, ok := p.Dump()["content"].(string)
if !ok {
s.logger.Error(
concreteServerLogTag,
"Failed to retrieve syslog message string content: %s",
string(bytes),
)
continue
}
message := Msg{Content: content}
callback(message)
}
err := scanner.Err()
if err != nil {
s.logger.Error(
concreteServerLogTag,
"Scanner error while parsing syslog message: %s",
err.Error(),
)
}
}
package syslog_test
import (
"fmt"
. "github.com/cloudfoundry/bosh-agent/internal/github.com/onsi/ginkgo"
. "github.com/cloudfoundry/bosh-agent/internal/github.com/onsi/gomega"
"github.com/cloudfoundry/bosh-agent/internal/github.com/jeromer/syslogparser/rfc3164"
)
var _ = Describe("syslogparser", func() {
It("parses an example message", func() {
text := []byte("<34>Oct 11 22:14:15 mach su: 'su root' failed for lonvick on /dev/pts/8")
parser := rfc3164.NewParser(text)
err := parser.Parse()
Expect(err).ToNot(HaveOccurred())
parts := parser.Dump() // syslogparser.LogParts
Expect(fmt.Sprintf("%T", parts["timestamp"])).To(Equal("time.Time"))
Expect(parts["hostname"]).To(Equal("mach"))
Expect(parts["tag"]).To(Equal("su"))
Expect(parts["content"]).To(Equal("'su root' failed for lonvick on /dev/pts/8"))
Expect(parts["priority"]).To(Equal(34))
Expect(parts["facility"]).To(Equal(4))
Expect(parts["severity"]).To(Equal(2))
})
})