syslogexporter

package module

v0.97.0-sumo-1 Latest Latest Go to latest Published: Apr 11, 2024 License: Apache-2.0, MIT Imports: 19 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/SumoLogic/sumologic-otel-collector

README ¶

Syslog Exporter

Stability level: Deprecated

This exporter is deprecated in favor of the syslog exporter that lives in the OpenTelemetry Collector Contrib repository. The functionality is the same but the configuration is slightly different.

To migrate, rename the following keys in configuration for syslogexporter:

rename protocol property to network
rename format property to protocol

For example, given the following configuration:

  syslog:
    protocol: tcp
    port: 514
    endpoint: 127.0.0.1
    format: rfc5424
    tls:
      ca_file: ca.pem
      cert_file: cert.pem
      key_file: key.pem

change it to:

  syslog:
    network: tcp
    port: 514
    endpoint: 127.0.0.1
    protocol: rfc5424
    tls:
      ca_file: ca.pem
      cert_file: cert.pem
      key_file:  key.pem

About The Exporter

The syslog exporter supports sending messages to a remote syslog server.

This exporter can forward syslog messages to a third party syslog server using RFC5424 and RFC3164.
It also supports sending syslog messages to the Cloud Syslog Source configured on a Sumo Logic hosted collector using the RFC5424 format, token required by Cloud Syslog Source can be added using Logs Transform Processor, please see example configuration.
It is recommended that this syslog exporter be used with the syslog_parser configured in the receiver. This ensures that all the syslog message headers are populated with the expected values.
Not using the syslog_parser will result in the syslog message being populated with default header values.

Configuration

The following are a few configuration options available to forward syslog messages:

endpoint - (default = host.domain.com) syslog endpoint (FQDN or IP address)
protocol - (default = tcp) tcp/udp
port - (default = 514) A syslog port
format - (default = rfc5424) rfc5424/rfc3164
- rfc5424 - Expects the syslog messages to be rfc5424 compliant
- rfc3164 - Expects the syslog messages to be rfc3164 compliant
tls - configuration for TLS/mTLS
- insecure (default = false) whether to enable client transport security, by default, TLS is enabled.
- cert_file - Path to the TLS cert to use for TLS required connections. Should only be used if insecure is set to false.
- key_file - Path to the TLS key to use for TLS required connections. Should only be used if insecure is set to false.
- ca_file - Path to the CA cert. For a client this verifies the server certificate. For a server this verifies client certificates. If empty uses system root CA. Should only be used if insecure is set to false.
- insecure_skip_verify - (default = false) whether to skip verifying the certificate or not.
- min_version (default = 1.2) Minimum acceptable TLS version
- max_version (default = "" handled by crypto/tls - currently TLS 1.3) Maximum acceptable TLS version.
- reload_interval - Specifies the duration after which the certificate will be reloaded. If not set, it will never be reloaded.

Please refer to the yaml below to configure the syslog exporter:

extensions:
  file_storage/syslog:
    directory: .
    timeout: 10s

exporters:
  syslog:
    protocol: tcp
    port: 6514 # 514 (UDP)
    endpoint: 127.0.0.1 # FQDN or IP address
    tls:
      ca_file: certs/servercert.pem
      cert_file: certs/cert.pem
      key_file: certs/key.pem
    format: rfc5424 # rfc5424 or rfc3164


    # for below described queueing and retry related configuration please refer to:
    # https://github.com/open-telemetry/opentelemetry-collector/blob/main/exporter/exporterhelper/README.md#configuration
    retry_on_failure:
      # default = true
      enabled: true
      # time to wait after the first failure before retrying;
      # ignored if enabled is false, default = 5s
      initial_interval: 10s
      # is the upper bound on backoff; ignored if enabled is false, default = 30s
      max_interval: 40s
      # is the maximum amount of time spent trying to send a batch;
      # ignored if enabled is false, default = 120s
      max_elapsed_time: 150s

    sending_queue:
      # default = false
      enabled: true
      # number of consumers that dequeue batches; ignored if enabled is false,
      # default = 10
      num_consumers: 20
      # when set, enables persistence and uses the component specified as a storage extension for the persistent queue
      # make sure to configure and add a `file_storage` extension in `service.extensions`.
      # default = None
      storage: file_storage/syslog
      # maximum number of batches kept in memory before data;
      # ignored if enabled is false, default = 5000
      #
      # user should calculate this as num_seconds * requests_per_second where:
      # num_seconds is the number of seconds to buffer in case of a backend outage,
      # requests_per_second is the average number of requests per seconds.
      queue_size: 10000
receivers:
  filelog:
    start_at: beginning
    include:
    - /other/path/**/*.txt
    operators:
      - type: syslog_parser
        protocol: rfc5424 # the format used here must match the syslog exporter

service:
  telemetry:
      logs:
        level: "info"
  extensions:
    - file_storage/syslog
  pipelines:
    logs:
      receivers:
        - filelog
      exporters:
        - syslog

Documentation ¶

Index ¶

Constants
Variables
func NewFactory() exporter.Factory
type Config
- func (cfg *Config) Validate() error
type Syslog
- func Connect(logger *zap.Logger, cfg *Config, tlsConfig *tls.Config) (*Syslog, error)
- func (s *Syslog) Close() error
- func (s *Syslog) Write(msg map[string]any, timestamp time.Time) error

Constants ¶

View Source

const (
	// Syslog Protocol
	DefaultProtocol = "tcp"
	// Syslog Port
	DefaultPort = 514
	// Syslog Endpoint
	DefaultEndpoint = "host.domain.com"
	// Syslog format
	DefaultFormat = "rfc5424"
)

Variables ¶

View Source

var Type = component.MustNewType(typeStr)

Functions ¶

func NewFactory ¶

func NewFactory() exporter.Factory

NewFactory returns a new factory for the syslog exporter.

Types ¶

type Config ¶

type Config struct {
	// Syslog server address
	Endpoint string `mapstructure:"endpoint"`
	// Syslog server port
	Port int `mapstructure:"port"`
	// Protocol for syslog communication
	// options: tcp, udp
	Protocol string `mapstructure:"protocol"`
	// Format of syslog messages
	Format string `mapstructure:"format"`

	// TLSSetting struct exposes TLS client configuration.
	TLSSetting configtls.TLSClientSetting `mapstructure:"tls"`

	exporterhelper.QueueSettings `mapstructure:"sending_queue"`
	configretry.BackOffConfig    `mapstructure:"retry_on_failure"`
}

Config defines configuration for Syslog exporter.

func (*Config) Validate ¶

func (cfg *Config) Validate() error

Validate the configuration for errors. This is required by component.Config.

type Syslog ¶

type Syslog struct {
	// contains filtered or unexported fields
}

func Connect ¶

func Connect(logger *zap.Logger, cfg *Config, tlsConfig *tls.Config) (*Syslog, error)

func (*Syslog) Close ¶

func (s *Syslog) Close() error

func (*Syslog) Write ¶

func (s *Syslog) Write(msg map[string]any, timestamp time.Time) error

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL