1. 首頁
  2. 問答
  3. Python SysLogHandler - > syslog:logstash。設施沒有改變

Python SysLogHandler - > syslog:logstash。設施沒有改變

2014-09-03 44 views
2

我試圖用logging.handlers.SysLogHandler進行日誌記錄並將其發送到logstash。Python SysLogHandler - > syslog:logstash。設施沒有改變

Python代碼:

import logging 
from logging import handlers 

# create logger 
logger = logging.getLogger('simple_example') 
logger.setLevel(logging.DEBUG) 

# create console handler and set level to debug 
ch = handlers.SysLogHandler(facility=handlers.SysLogHandler.LOG_AUTH) 
ch.setLevel(logging.DEBUG) 

# create formatter 
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s') 

# add formatter to ch 
ch.setFormatter(formatter) 

# add ch to logger 
logger.addHandler(ch) 

logger.info('go')

logstash CONF:

input { 
    syslog { 
    } 
} 
output { 
    stdout {codec => rubydebug {}} 
}

輸出logstash:

{ 
      "message" => "<38>2014-09-03 12:48:36,700 - simple_example - INFO - go\u0000", 
      "@version" => "1", 
     "@timestamp" => "2014-09-03T12:48:36.702Z", 
       "host" => "127.0.0.1", 
       "tags" => [ 
     [0] "_grokparsefailure" 
    ], 
      "priority" => 13, 
      "severity" => 5, 
      "facility" => 1, 
    "facility_label" => "user-level", 
    "severity_label" => "Notice" 
}

但是,如果我改變設施= handlers.SysLogHandler.LOG_DAEMON 是不改變輸出logstash:

{ 
      "message" => "<30>2014-09-03 12:51:52,307 - simple_example - INFO - go\u0000", 
      "@version" => "1", 
     "@timestamp" => "2014-09-03T12:51:52.307Z", 
       "host" => "127.0.0.1", 
       "tags" => [ 
     [0] "_grokparsefailure" 
    ], 
      "priority" => 13, 
      "severity" => 5, 
      "facility" => 1, 
    "facility_label" => "user-level", 
    "severity_label" => "Notice" 
}

如何更改:facility,severity,priority,facility_label,severity_label?

最有可能,因爲Python不添加此信息:

output { 
    stdout {} 
} 

2014-09-03T13:19:14.862+0000 127.0.0.1 <30>2014-09-03 13:19:14,860 - simple_example - INFO - go

但怎麼加呢?

來源

2014-09-03 Greg Eremeev

+0

看來,Python使一種不適合日誌隱藏的格式。 此輸入僅支持RFC3164系統日誌,但「2014-09-03T13:19:14.862 + 0000」127.0.0.1 2014-09-03 13:19:14,860 - simple_example - INFO - go「與RFC3164不同 – 2014-09-03 14:51:51

回答

1

如何更改:facility,severity,priority,facility_label, severity_label?

退房的文檔爲logging.handlers

  • 可以包括在SysLogHandler初始化facility。在DOC中列出允許的水平上面鏈接:

    ch = handlers.SysLogHandler(facility=handlers.SysLogHandler.LOG_AUTH, facility=LOG_LOCAL0)

  • priority從日誌級別,這是由消息發送器設置logger.warn() VS logger.info()等的文檔mapPriority狀態映射「的默認算法映射DEBUG,INFO ,WARNING,ERROR和CRITICAL到等價的系統日誌名稱,以及所有其他級別名稱以'warning'「。

來源

2014-09-22 20:22:47 spazm

相關問題

 相關問題