logevent

package module
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 21, 2020 License: Apache-2.0 Imports: 1 Imported by: 1

README

logevent

Build Status

A collection of packages for Splunk/message queue integration.

Run Tests

# standalone unit tests
go test ./...

# coverage
go test -coverprofile=coverage.out ./... \
  && go tool cover -html=coverage.out

# sendamqp integration tests
AMQP_URL=amqp://guest:guest@localhost:5672 \
  go test -tags amqp ./...

send CLI

The send executable is included as a sample tool to send messages.

Environment variables are used for output/package configuration. Command-line arguments are used for message/event-specific properties.

Setting boolean variables (TRACE, etc.) to ANYTHING other than the empty string will be interpreted as true.

sendamqp Package

Send message to RabbitMQ exchange. Exchange must already exist.

export AMQP_URL=amqp://guest:guest@localhost:5672
export AMQP_EXCHANGE=amq.headers
export AMQP_ROUTING_KEY=the_weather
PACKAGE=sendamqp TRACE=x go run cmd/send/main.go \
  -host h2 \
  "message with host"
senddump Package

Dump message to stderr for debug purposes.

TRACE=x go run cmd/send/main.go \
  "bare message"

TRACE=x go run cmd/send/main.go \
  -customer abc -host h1 -index main \
  -source s -sourceenvironment se -sourcetype st \
  -epoch $(date +%s) -field a=A -field b="indexed event field B" \
  "with integer time and indexed event fields"

TRACE=x go run cmd/send/main.go \
  -time 2020-01-01T00:00:00Z \
  "message with UTC time"

TRACE=x go run cmd/send/main.go \
  -time 2020-01-01T12:00:00+06:00 \
  "message with time offset"
sendhec Package

Send message directly to Splunk HTTP Event Collector (HEC).

export HEC_URL=https://localhost:8088
export HEC_TOKEN=00000000-0000-0000-0000-000000000000
export HEC_INSECURE=true
PACKAGE=sendhec TRACE=x go run cmd/send/main.go \
  -host h2 \
  "message with host"
sendsns Package

Send message to Amazon SNS topic.

export AWS_ACCESS_KEY_ID=xxx
export AWS_REGION=us-east-1
export AWS_SECRET_ACCESS_KEY=xxx
export TOPIC=arn:xxx
PACKAGE=sendsns TRACE=x go run cmd/send/main.go \
  -host h2 \
  "message with host"

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Attributes 

type Attributes struct {
	CustomerCode      string `json:"customer_code,omitempty"`
	Host              string `json:"host,omitempty"`
	Source            string `json:"source,omitempty"`
	SourceEnvironment string `json:"source_environment,omitempty"`
	Sourcetype        string `json:"sourcetype,omitempty"`
}

Attributes contains the properties of a single LogEvent that may be passed as headers to an intermediate system (such as a message queue).

type LogEvent 

type LogEvent struct {
	Attributes Attributes
	Content    MessageContent
}

LogEvent contains a single log message, made up of attributes/headers and message content.

type MessageContent 

type MessageContent struct {
	Host       string                 `json:"host,omitempty"`
	Index      string                 `json:"index,omitempty"`
	Source     string                 `json:"source,omitempty"`
	Sourcetype string                 `json:"sourcetype,omitempty"`
	Time       time.Time              `json:"time,omitempty"`
	Fields     map[string]interface{} `json:"fields,omitempty"`
	Event      interface{}            `json:"event,omitempty"`
}

MessageContent is the actual message to be sent to the external destination.

type MessageSender 

type MessageSender interface {
	CloseSvc() error
	OpenSvc() error
	SendMessage(LogEvent) error
	SetTrace(bool)
}

MessageSender is the interface that manages a connection to an external LogEvent destination.

Source Files

View all Source files

Directories

Path Synopsis
cmd
send command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.