Version: 0.12

syslog

The syslog codec supports marshalling the IETF and BSD syslog formats.

BSD Example

A syslog message following the BSD format as follows:

<13>Jan  5 15:33:03 74794bfb6795 root[8539]: i am foobar

The equivalent representation as a tremor value

{
  "severity": "notice",
  "facility": "user",
  "hostname": "74794bfb6795",
  "appname": "root",
  "msg": "i am foobar",
  "procid": 8539,
  "msgid": null,
  "protocol": "RFC3164",
  "protocol_version": null,
  "structured_data": null,
  "timestamp": 1609860783000000000
}

IETF example

A syslog message following IETF standard as follows:

<165>1 2021-03-18T20:30:00.123Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut=\"3\" eventSource=\"Application\" eventID=\"1011\"] BOMAn application event log entry..."

The equivalent representation as a tremor value.

{
  "severity": "notice",
  "facility": "local4",
  "hostname": "mymachine.example.com",
  "appname": "evntsog",
  "msg": "BOMAn application event log entry...",
  "procid": null,
  "msgid": "ID47",
  "protocol": "RFC5424",
  "protocol_version": 1,
  "structured_data": {
              "exampleSDID@32473" :
              [
                {"iut": "3"},
                {"eventSource": "Application"},
                {"eventID": "1011"}
              ]
            },
  "timestamp": 1616099400123000000
}

Considerations

note

Malformed syslog messages are treated per rfc3164 protocol semantics resulting in the entire string being dumped into the msg of the result record.

syslog

BSD Example​

IETF example​

Considerations​

BSD Example

IETF example

Considerations