Syslog handler

The syslog handler receives syslog messages and matches them against regular expressions. When a regex matches, the corresponding counter and last-matched timestamp are updated.

If the syslog handler is started from the syslog-agentX program, the matching results are exported through the SNMP Subagent.

It can also dump results in many other formats.

Syslog Matcher

class syslog_handler.SyslogMatcher(regex_list, dumper=None)
Protocol interface for the UDP receiver. Receives syslog messages and matches them against the regular expressions defined in regex_list.
syslog_handler.main(reactor, regex_list, port=8000, host='127.0.0.1', output=None)

Initialize protocol and reactor

Parameters:
  • reactor (twisted.internet.reactor) – reactor to bind events to
  • regex_list (regex.RegexDictList) – regular expressions global registry
  • port (int) – port to bind syslog handler to (default = 8000)
  • host (string (ip address)) – ip address to bind syslog handler to (default = 127.0.0.1)
  • output (file object or None) – file object to dump output to
Returns: None

Output formats

Syslog handler makes use of message dumpers to write matching values to an optional file passed to syslog handler.

syslog_handler.OUTPUT_FMT_D
Data exchange format dictionary. Default = { None : None, 'txt' : OUTPUT_FMT, 'xml' : OUTPUT_FMT_XML }

OUTPUT_* are Python template strings that should provide:
  • %(name)s
  • %(value)s
  • %(ts)s

These are the keys of the dictionary that will be dumped to the file (or socket, or fifo ... you know the specialties of the Unix file-centric world! :P )

Do not change an individual OUTPUT_* template unless you know what you are doing.

syslog_handler.OUTPUT_FMT_XML

XML data exchange format: a template for XML rendering.

Default = "<name>%(name)s</name><value>%(value)s</value><timestamp>%(ts)s</timestamp>"

syslog_handler.OUTPUT_FMT

Text data exchange format: a string with a fixed number of characters reserved for each parameter. NOTE: the LEN_* constants are defined by the developers. They are needed for the fastest possible message parsing, because the field widths are fixed and known _before_ the whole message is read. They are explained below; do not change them unless you know what you are doing!

Default = "%(name)" + str(LEN_NAME) + "s%(value)" + str(LEN_VALUE) + "s%(ts)" + str(LEN_TIMESTAMP) + "s"

syslog_handler.LEN_NAME

Number of characters reserved for the name of the regular expression (the first element of a tuple in MSG_REGEX_LIST).

Default = 100

syslog_handler.LEN_VALUE

Number of characters reserved for the value (counter).

Default = 20

syslog_handler.LEN_TIMESTAMP

Number of characters reserved for the timestamp value (last_matched attribute).

Default = 12
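
The fixed-width text format described above, as an added example (not the project's own code): it rebuilds the documented default template, slices a record back apart by the LEN_* offsets, and shows that "%Ns" sets only a minimum width, so an over-long field has to be rejected before it is written. The helper names render_record and parse_record, the sample regex name, and treating the timestamp as an opaque string are assumptions.

```python
# Added example: constants and template copied from the documented defaults.
LEN_NAME, LEN_VALUE, LEN_TIMESTAMP = 100, 20, 12
OUTPUT_FMT = ("%(name)" + str(LEN_NAME) + "s%(value)" + str(LEN_VALUE)
              + "s%(ts)" + str(LEN_TIMESTAMP) + "s")
RECORD_LEN = LEN_NAME + LEN_VALUE + LEN_TIMESTAMP  # 132 characters


def render_record(name, value, ts):
    """Render one record, refusing fields that would overflow their column.

    '%Ns' pads to a *minimum* width only: an over-long field is written in
    full and silently shifts every later column for a fixed-offset reader.
    """
    fields = {"name": str(name), "value": str(value), "ts": str(ts)}
    limits = {"name": LEN_NAME, "value": LEN_VALUE, "ts": LEN_TIMESTAMP}
    for key, text in fields.items():
        if len(text) > limits[key]:
            raise ValueError("%s exceeds %d characters" % (key, limits[key]))
    return OUTPUT_FMT % fields


def parse_record(record):
    """Slice a fixed-width record into (name, counter, timestamp string)."""
    if len(record) != RECORD_LEN:
        raise ValueError("expected %d characters, got %d"
                         % (RECORD_LEN, len(record)))
    # '%Ns' right-justifies, so the padding sits on the left of each field.
    name = record[:LEN_NAME].lstrip(" ")
    value = int(record[LEN_NAME:LEN_NAME + LEN_VALUE])  # counter
    ts = record[LEN_NAME + LEN_VALUE:].lstrip(" ")      # kept opaque (assumption)
    return name, value, ts


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    rec = render_record("ssh_failed_login", 42, 1700000000)
    print(len(rec), parse_record(rec))
```
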
