syslog.server¶
This module provides stuff to implement a UDP/TCP/unix socket syslog/RELP server with Tornado
-
class
BaseSyslogClientConnection
(stream, address, syslog_parameters)[source]¶ Bases:
object
Encapsulates a connection with a syslog client
-
_process_relp_command
(relp_event_id, command, data)[source]¶ RELP client has sent a command. Find the type and make the right answer.
Parameters: - relp_event_id – RELP ID, sent by client
- command – the RELP command
- data – data transmitted after command (can be empty)
-
_read_next_tokens
(*args, **kwargs)[source]¶ _read_next_token() Reads the stream until we get a space delimiter
Note
Tornado coroutine
-
dispatch_relp_client
()[source]¶ Implements RELP protocol
Note
Tornado coroutine
From http://www.rsyslog.com/doc/relp.html:
Request: RELP-FRAME = RELPID SP COMMAND SP DATALEN [SP DATA] TRAILER DATA = [SP 1*OCTET] ; command-defined data, if DATALEN is 0, no data is present COMMAND = 1*32ALPHA TRAILER = LF Response: RSP-HEADER = TXNR SP RSP-CODE [SP HUMANMSG] LF [CMDDATA] RSP-CODE = 200 / 500 ; 200 is ok, all the rest currently erros HUAMANMSG = *OCTET ; a human-readble message without LF in it CMDDATA = *OCTET ; semantics depend on original command
-
dispatch_tcp_client
()[source]¶ Implements Syslog/TCP protocol
Note
Tornado coroutine
From RFC 6587:
It can be assumed that octet-counting framing is used if a syslog frame starts with a digit. TCP-DATA = *SYSLOG-FRAME SYSLOG-FRAME = MSG-LEN SP SYSLOG-MSG MSG-LEN = NONZERO-DIGIT *DIGIT NONZERO-DIGIT = %d49-57 SYSLOG-MSG is defined in the syslog protocol [RFC5424] and may also be considered to be the payload in [RFC3164] MSG-LEN is the octet count of the SYSLOG-MSG in the SYSLOG-FRAME. A transport receiver can assume that non-transparent-framing is used if a syslog frame starts with the ASCII character "<" (%d60). TCP-DATA = *SYSLOG-FRAME SYSLOG-FRAME = SYSLOG-MSG TRAILER TRAILER = LF / APP-DEFINED APP-DEFINED = 1*2OCTET SYSLOG-MSG is defined in the syslog protocol [RFC5424] and may also be considered to be the payload in [RFC3164]
-
-
class
BaseSyslogServer
(syslog_parameters)[source]¶ Bases:
tornado.tcpserver.TCPServer
,pyloggr.syslog.udpserver.UDPServer
Basic Syslog/RELP server
-
_handle_connection
(connection, address)[source]¶ Inherits _handle_connection from parent TCPServer to manage SSL connections. Called by Tornado when a client connects.
-
handle_stream
(stream, address)[source]¶ Called by tornado when we have a new client.
Parameters: - stream (IOStream) – IOStream for the new connection
- address (tuple) – tuple (client IP, client source port)
Note
Tornado coroutine
-
-
class
SyslogParameters
(conf)[source]¶ Bases:
object
Encapsulates the syslog configuration
-
wrap_ssl_sock
(sock, ssl_options)[source]¶ Wrap a socket into a SSL socket
Parameters: - sock – socket to wrap
- ssl_options (pyloggr.config.SSLConfig) – SSL options