Golang NewParser Examples

Example #1

File: logflume.go Project: postfix/logflume

func handlePacket(buffer []byte) {
	parser := rfc5424.NewParser(buffer)
	err := parser.Parse()

	if err != nil {
		fmt.Printf("Error reading syslog message %s", err)
		return
	}

	log := parser.Dump()
	log["@timestamp"] = log["timestamp"]
	log["facility_label"] = FACILITY_LABELS[(log["facility"]).(int)]
	log["severity_label"] = SEVERITY_LABELS[(log["severity"]).(int)]
	log["type"] = "syslog"

	now := time.Now()
	index := "logstash-" + now.Format("2006.01.02")

	_, err = elasticSearch.Index(true, index, "logs", "", log)
	if err != nil {
		fmt.Printf("Error indexing message %s", err)
		return
	}
	fmt.Println("Logged")
}

Example #2

File: example_test.go Project: andremedeiros/syslogparser

func ExampleNewParser() {
	b := `<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"] An application event log entry...`
	buff := []byte(b)

	p := rfc5424.NewParser(buff)
	err := p.Parse()
	if err != nil {
		panic(err)
	}

	fmt.Println(p.Dump())
}

Example #3

File: parse_test.go Project: otoolep/syslogparser-bench

func Benchmark_Parsing(b *testing.B) {
	msg := `<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"] An        application event log entry...`
	buf := []byte(msg)

	for n := 0; n < b.N; n++ {
		p := rfc5424.NewParser(buf)
		err := p.Parse()
		if err != nil {
			fmt.Println(err.Error())
			panic("unable to parse message during benchmarking")
		}
	}
}

Example #4

File: parse_test.go Project: otoolep/syslogparser-bench

func Test_Parsing(t *testing.T) {
	//	msg := `<134>0 2015-05-05T21:20:00.493320+00:00 fisher apache-access - - [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"] 173.247.206.174 - - [05/May/2015:21:19:52 +0000] "GET /2013/11/ HTTP/1.   1" 200    22056 "http://www.philipotoole.com/" "Wget/1.15 (linux-gnu)"`
	msg := `<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource="Application" eventID="1011"] An        application event log entry...`
	buf := []byte(msg)
	p := rfc5424.NewParser(buf)

	err := p.Parse()
	if err != nil {
		t.Fatalf("failed to parse RFC5424 message: %s", err.Error())
	}

	for k, v := range p.Dump() {
		fmt.Printf("%s: %v\n", k, v)
	}
}

Example #5

File: automatic.go Project: pombredanne/gollum-1

func (f *Automatic) GetParser(line []byte) syslogparser.LogParser {
	switch format, _ := detect(line); format {
	case detectedRFC3164:
		return rfc3164.NewParser(line)
	case detectedRFC5424:
		return rfc5424.NewParser(line)
	default:
		// If the line was an RFC6587 line, the splitter should already have removed the length,
		// so one of the above two will be chosen if the line is correctly formed. However, it
		// may have a second length illegally placed at the start, in which case the detector
		// will return detectedRFC6587. The line may also simply be malformed after the length in
		// which case we will have detectedUnknown. In this case we return the simplest parser so
		// the illegally formatted line is properly handled
		return rfc3164.NewParser(line)
	}
}

Example #6

File: rfc5424.go Project: pombredanne/gollum-1

func (f *RFC5424) GetParser(line []byte) syslogparser.LogParser {
	return rfc5424.NewParser(line)
}