Juniper/open-nti-input-syslog

Name: open-nti-input-syslog

Owner: Juniper Networks

Description: DEPRECATED - Standalone container running fluentd to parse syslog

Created: 2016-05-20 18:07:20.0

Updated: 2016-12-23 05:04:03.0

Pushed: 2016-12-23 05:21:58.0

Homepage:

Size: 34

Language: Python

README

status deprecated

This project has been moved into the main repository https://github.com/Juniper/open-nti and this repo is now deprecated.

open-nti-input-syslog

Standalone container running fluentd to parse syslog

This container has been designed to work with the OpenNTI project, but it can fit other projects as well.
Multiple types of output are supported and can be defined at launch time:

This container can run in standalone mode, or you can run multiple instances behind a load balancer using docker-compose. A docker-compose configuration file is (not yet) provided.

Environment variables

Some parameters can be overwritten using environment variables defined at launch time.
Here is the list of available variables with their default values.

Define type of output
OUTPUT_KAFKA: false
OUTPUT_INFLUXDB: false
OUTPUT_MQTT: false
OUTPUT_STDOUT: false

Input port
PORT_SYSLOG: 6000

Parameters for InfluxDB
INFLUXDB_ADDR: localhost
INFLUXDB_PORT: 8086
INFLUXDB_DB: juniper
INFLUXDB_USER: juniper
INFLUXDB_PWD: juniper
INFLUXDB_FLUSH_INTERVAL: 2

Parameters for Kafka
KAFKA_ADDR: localhost
KAFKA_PORT: 9092
KAFKA_DATA_TYPE: json
KAFKA_TOPIC: events

For the latest list of environment variables, please refer to the Dockerfile.

Here is an example of defining an environment variable:

docker run -d -e INFLUXDB_ADDR='localhost' -i juniper/open-nti-input-syslog

Build and Tests

The project includes a few tests to ensure that everything is working as expected. You can run all tests with:

pip install -r requirements.txt
python -m pytest -v

To run these tests, additional containers will be downloaded.

In addition, all tests are executed on Travis after each commit.

Inside the test directory there are some packet captures that can be used to generate traffic. You can play them using tcpreplay.

cd tests/fixtures/test_syslog_qfx_01
docker run --rm -t -v $(pwd):/data -i dgarros/tcpreplay /usr/bin/tcpreplay --pps=10 --intf1=eth0 syslog_qfx_01_16000.pcap
