1. 技术文章
  2. Random UDP message received needs to be parsed to python file through rsyslog omprog

Random UDP message received needs to be parsed to python file through rsyslog omprog

给你一囗甜甜゛ 提交于 2019-12-11 16:43:47

问题


I'm setting up a python script that will parse the inputs received via UDP from another server. Since the message or number of messages can be received randomly, I'm trying to rsyslog omprog to parse the inputs. However, I'm unable to read the message on UDP and unable to send the input received as parameter to python using omprog

Receiving syslog message from particular server will be stored in /var/log/pcrf_notification.log Therefore, I configured the rsyslog.conf like below:

         [root@PORSG1NT101A]# vi /etc/rsyslog.conf
         $ModLoad imudp
         $UDPServerRun 514

         $template RemoteLogs,"/var/log/%HOSTNAME%/pcrf_notification.log"
         *.* ?RemoteLogs

The content withing the pcrf_notification.log will be: 

 Mar 15 16:27:30 PORPF0MP1 Policy Syslog: 5540149665,123,5000001,2019-03-15T16:27:30.290

 Mar 15 16:27:52 PORPF0MP1 Policy Syslog: 5540149665,123,5000001,2019-03-15T16:27:52.895

Now i need to send each line when received to a python script. This is I'm failing at.

For example, I need to send

 "Mar 15 16:27:52 PORPF0MP1 Policy Syslog: 5540149665,123,5000001,2019-03-15T16:27:52.895"

to a python script.

I created a pcrf_scripting.conf file in rsyslog.d folder

 [root@PORSG1NT101A rsyslog.d]# vi /etc/rsyslog.d/pcrf_scripting.conf
                   $ModLoad omprog
                  :inputname, isequal, "imudp" action(type="omprog"
                   binary="/tmp/hello.py --param1 a --param2 b"
                   template="RSYSLOG_TraditionalFileFormat")

I need to replace --param1 a --param2 b with each line.


回答1:


This minimal example worked for me (rsyslogd version 8.30.0). In /etc/rsyslog.conf we have

$ModLoad imudp # UDP listener
$UDPServerRun 514
$ModLoad omprog
:inputname, isequal, "imudp"  action(type="omprog"
  binary="/tmp/prog.py" template="RSYSLOG_TraditionalFileFormat")

In /tmp/prog.py we have

#!/usr/bin/python3
import sys
with open("/tmp/output","w",encoding='utf8',errors='ignore') as fd:
    for data in sys.stdin:
        print("got data: %s" % data[:-1], file=fd, flush=True)

When a udp packet arrives it is passed through to the python program which prints it to file /tmp/output. Make sure to chmod a+rx /tmp/prog.py.



来源:https://stackoverflow.com/questions/55817264/random-udp-message-received-needs-to-be-parsed-to-python-file-through-rsyslog-om

标签
python
logging
rsyslog
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!