Repository moved into https://github.com/ihrwein/syslog-ng-rust-modules
A fast and easy way to parse your logs into events.
- a C compiler installed
- rustc and cargo installed (tested from 1.5, but it can work with older versions)
- pkg-config installed
- syslog-ng 3.8 installed and can be found by pkg-config
You have to compile the source code and copy the resulted shared library into a location which is looked up by syslog-ng.
- Compilation:
git clone https://github.com/ihrwein/actiondb-parser.git
cd actiondb-parser
cargo build --release
- Copy the
libactiondb_parser.so
file next tolibcsvparser.so
(that's the easiest way to find the proper directory)
cp target/release/libactiondb_parser.so <target directory>
- You can use it immediately:
parser{
actiondb-rs(
# the patterns will be loaded from this file
option("pattern_file", "/home/tibi/install/syslog-ng/etc/loggen.json")
# all the parsed keys should be prefixed with `.adb`
option("prefix", ".adb")
);
};
Note, that in order to use the parser, you don't need the Rust runtime, it's already compiled
into the shared library. Check the required libraries with ldd
. I suppose still you have to install
libgcc1
.
For the exact configuration file format, check ActionDB's readme file: https://github.com/ihrwein/actiondb/blob/master/README.md
Licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT) at your option.
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.