[go: up one dir, main page]

Skip to content

teragrep/rlo_06

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

teragrep RFC5424 parser

Features

  • Fast

Non-features

  • Excellent strictness

License

AGPLv3 with additional permissions granted in the license.

Usage

Caution
Please note that next() mutates the contents of the Fragments (rfc5424Frame.priority, rfc5424Frame.version etc) and it is not advised to have references to these between the calls.

Simply create a new RFC5424Frame, give it an inputstream with load(inputStream) and read data with next(). It will return true or false depending on whether there were data to read. Note that toString() needs to be used when printing. You can optionally pass true to in the constructor for enabling newline feed termination, defaults to false.

boolean linefeedTermination = false;
RFC5424Frame rfc5424Frame = new RFC5424Frame(linefeedTermination);
rfc5424Frame.load(inputStream);
if(rfc5424Frame.next()) {
    System.out.println("Priority: " + rfc5424Frame.priority.toString());
    System.out.println("Version: " + rfc5424Frame.version.toString());
    System.out.println("Timestamp: " + rfc5424Frame.timestamp.toString());
    System.out.println("Hostname: " + rfc5424Frame.hostname.toString());
    System.out.println("Appname: " + rfc5424Frame.appName.toString());
    System.out.println("ProcID: " + rfc5424Frame.procId.toString());
    System.out.println("MsgID: " + rfc5424Frame.msgId.toString());
    System.out.println("Message: " + rfc5424Frame.msg.toString());
}
else {
    System.out.printn("No data left");
}

For structured data property extraction, create a new SDVector("key@48577", "value"); and pass it to rfc5424Frame.structuredData.getValue(sdVector):

SDVector sdVector = new SDVector("ID_ELEMENT_NAME@48577", "ELEMENT_KEY");
// "<14>1 2014-06-20T09:14:07.123456+00:00 hostname appname - - [ID_ELEMENT_NAME@48577 ELEMENT_KEY=\"MyValue\"] message";
//                                                               ^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^

System.out.println(rfc5424Frame.structuredData.getValue(sdVector).toString()); // Returns "MyValue"

You can also access structured data directly as a list:

for (SDElement sdElement : rfc5424Frame.structuredData.sdElements) {
    System.out.println("SDElement " + sdElement.sdElementId + " has: ");
    for (SDParam sdParam : sdElement.sdParams) {
        System.out.println("\tKey: '" + sdParam.sdParamKey + "' Value: '"+ sdParam.sdParamValue + "'");
    }
}

You can get Severity and Facility values using RFC5424Severity and RFC5424Facility classes:

// "<134>1 2018-01-01T10:12:00+01:00 hostname appname - - - Message";
// 16*8 + 6 = 134
RFC5424Facility facility = new RFC5424Facility(rfc5424Frame.priority);
RFC5424Severity severity = new RFC5424Severity(rfc5424Frame.priority);

System.out.println("Facility is " + facility.asInt()); // 16
System.out.println("Severity is " + severity.asInt()); // 6

You can get ZonedDateTime using RFC5424Timestamp class:

RFC5424Timestamp timestamp = new RFC5424Timestamp(rfc5424Frame.timestamp);
System.out.println("Current timestamp in ZonedDateTime: " + timestamp.toZonedDateTime());

Contributing

You can involve yourself with our project by opening an issue or submitting a pull request.

Contribution requirements:

  1. All changes must be accompanied by a new or changed test. If you think testing is not required in your pull request, include a sufficient explanation as why you think so.

  2. Security checks must pass

  3. Pull requests must align with the principles and values of extreme programming.

  4. Pull requests must follow the principles of Object Thinking and Elegant Objects (EO).

Read more in our Contributing Guideline.

Contributor License Agreement

Contributors must sign Teragrep Contributor License Agreement before a pull request is accepted to organization’s repositories.

You need to submit the CLA only once. After submitting the CLA you can contribute to all Teragrep’s repositories.