On 15 April 2015 at 20:16, David Lang da...@lang.hm wrote:
This is why I love opensource software, comment on a need and someone will
point at a tool.
Thanks!
wq
On Wed, 15 Apr 2015, Brian Knox wrote:
We keep our logs in JSON format and don't find it to be a drawback. We
have logs
On 4/15/15, 12:43 AM, David Lang da...@lang.hm wrote:
look at liblogging, it was started as part of lumberjack for exactly this
purpose.
liblogging does not currently support structured logging. I've opened an
issue in GitHub to track that:
https://github.com/rsyslog/liblogging/issues/22
On
On Apr 14, 2015, at 11:43 PM, David Lang da...@lang.hm wrote:
On Wed, 15 Apr 2015, Ezell, Matthew A. wrote:
Hello-
What is the current best practice for a portable application to get
structured data to rsyslog?
... gets JSON printed to the log. That may be undesirable in the common
On Wed, Apr 15, 2015 at 6:25 PM, Dave Caplinger
davecaplin...@solutionary.com wrote:
On Apr 14, 2015, at 11:43 PM, David Lang da...@lang.hm wrote:
On Wed, 15 Apr 2015, Ezell, Matthew A. wrote:
[...]
what I do is to take whatever message was output and then run mmjsonparse
against
To: rsyslog-users rsyslog@lists.adiscon.com
Subject: Re: [rsyslog] Best practice for an application to get structured data
to rsyslog
On Wed, Apr 15, 2015 at 6:25 PM, Dave Caplinger
davecaplin...@solutionary.com wrote:
On Apr 14, 2015, at 11:43 PM, David Lang da...@lang.hm wrote:
On Wed, 15 Apr
We keep our logs in JSON format and don't find it to be a drawback. We
have logs searchable in elasticsearch - and for working with logs on disk,
have a small program that logs can be piped through that strips out
everything but the json which makes it very easy to pipe logs to jq (a
command line
Have you looked at mmjsonparse? It solves the problem of
de-serializing structured-messages handed-over to rsyslog in
JSON-serialized form.
For dual-mode: structured and unstructured, 2 common approaches exist.
- Passing structured messages as JSON and optionally handling the
differently on
Hello-
What is the current best practice for a portable application to get
structured data to rsyslog?
Most modern syslog daemons seem to support some type of JSON format, but
applications still tend to use the old syslog(3) function for logging. If
an application emits CEE JSON directly to
Sure, as a system administrator it's pretty clear how best to handle this.
If there's CEE JSON data coming over the wire, use mmjsonparse. If it's
unstructured traditional syslog(3) data, use mmnormalize to try to extract
relevant fields based on rules I setup. Write the traditional message
On Wed, 15 Apr 2015, Ezell, Matthew A. wrote:
Hello-
What is the current best practice for a portable application to get
structured data to rsyslog?
Most modern syslog daemons seem to support some type of JSON format, but
applications still tend to use the old syslog(3) function for logging.
On Wed, 15 Apr 2015, Ezell, Matthew A. wrote:
Sure, as a system administrator it's pretty clear how best to handle this.
If there's CEE JSON data coming over the wire, use mmjsonparse. If it's
unstructured traditional syslog(3) data, use mmnormalize to try to extract
relevant fields based on
11 matches
Mail list logo
