remote_syslog 1.0.0 → 1.1.0

data/Gemfile

@@ -1,3 +1,3 @@
-gem 'daemons'
-gem 'eventmachine'
-gem 'eventmachine-tail'
+source :rubygems
+
+gemspec

data/README.md

@@ -46,21 +46,26 @@ specified as arguments to the remote_syslog daemon. More below.
         -p, --dest-port PORT             Destination syslog port (514)
         -P, --pid-dir DIRECTORY          Directory to write .pid file in (/var/run/)
         -s, --severity SEVERITY          Severity (notice)
+            --strip-color                Strip color codes
         -h, --help                       Show this message
+
     
 
 ## Example
 
-Daemonize, collecting from files mentioned in ./config/logs.yml as well as
-/var/log/mysqld.log:
+Daemonize, collecting from files mentioned in `./config/logs.yml` as well as
+`/var/log/mysqld.log`:
+
     $ remote_syslog -c configs/logs.yml -p 12345 /var/log/mysqld.log
 
-Stay attached to the terminal, look for and use /etc/log_files.yml if it exists, 
-write PID to /tmp/remote_syslog.pid, and send with facility local0:
+Stay attached to the terminal, look for and use `/etc/log_files.yml` if it
+exists, write PID to `/tmp/remote_syslog.pid`, and send with facility local0:
+
     $ remote_syslog -d a.server.com -f local0 -P /tmp /var/log/mysqld.log
 
 remote_syslog will daemonize by default. A sample init file is in the gem as 
 remote_syslog.init.d. You may be able to:
+
     $ cp examples/remote_syslog.init.d /etc/init.d/remote_syslog
 
 
@@ -73,9 +78,11 @@ The gem comes with a sample config.  Optionally:
     $ cp examples/log_files.yml.example /etc/log_files.yml
     
 log_files.yml has filenames to log from (as an array) and hostname and port 
-to log to (as a hash).  Only 1 destination server is supported; the command-line
-argument wins.  Filenames given on the command line are additive to those 
-in the config file.
+to log to (as a hash). Wildcards are supported using * and standard shell 
+globbing. Filenames given on the command line are additive to those in 
+the config file.
+
+Only 1 destination server is supported; the command-line argument wins. 
 
     files: [/var/log/httpd/access_log, /var/log/httpd/error_log, /var/log/mysqld.log, /var/run/mysqld/mysqld-slow.log]
     destination:
@@ -85,7 +92,6 @@ in the config file.
 
 ## Reporting bugs
 
-
 1. See whether the issue has already been reported: <https://github.com/papertrail/remote_syslog/issues/>
 2. If you don't find one, create an issue with a repro case.
 

data/bin/remote_syslog

@@ -14,18 +14,19 @@ require 'remote_syslog'
 def remote_syslog_daemon(args)
   options = {
     :configfile => '/etc/log_files.yml',
-    :dest_host => 'logs.papertrailapp.com',
-    :dest_port => 514
+    :dest_host  => 'logs.papertrailapp.com',
+    :dest_port  => 514
   }
   daemonize_options = {
-     :app_name   => File.basename($0) || "remote_syslog",
-     :ARGV       => ['start'],
-     :dir_mode   => :system,
-     :multiple   => false,
-     :ontop      => false,
-     :mode       => :exec,
-     :backtrace  => false,
-     :monitor    => false
+    :app_name    => File.basename($0) || "remote_syslog",
+    :ARGV        => ['start'],
+    :dir_mode    => :system,
+    :multiple    => false,
+    :ontop       => false,
+    :mode        => :exec,
+    :backtrace   => false,
+    :monitor     => false,
+    :strip_color => false
   }
 
   op = OptionParser.new do |opts|
@@ -61,6 +62,9 @@ def remote_syslog_daemon(args)
     opts.on("-s", "--severity SEVERITY", "Severity (notice)") do |v|
       options[:severity] = v.upcase
     end
+    opts.on("--strip-color", "Strip color codes") do
+      options[:strip_color] = true
+    end
     opts.on_tail("-h", "--help", "Show this message") do
       puts opts
       exit
@@ -97,9 +101,9 @@ def remote_syslog_daemon(args)
       files.each do |path|
         begin
           EventMachine::file_tail(File.expand_path(path), RemoteSyslog::Reader, 
-                                  options[:dest_host], options[:dest_port],
-                                  { :socket => socket, :facility => options[:facility], 
-                                    :severity => options[:severity] })
+            options[:dest_host], options[:dest_port],
+            :socket => socket, :facility => options[:facility],
+            :severity => options[:severity], :strip_color => options[:strip_color])
                                   
         rescue Errno::ENOENT => e
           puts "#{File.expand_path(path)} not found, continuing. (#{e.message})"

data/examples/log_files.yml.example

@@ -1,4 +1,4 @@
-files: [/var/log/httpd/access_log, /var/log/httpd/error_log, /var/log/mysqld.log, /var/run/mysqld/mysqld-slow.log]
+files: [/var/log/httpd/access_log, /var/log/httpd/error_log, /opt/misc/*, /var/log/mysqld.log, /var/run/mysqld/mysqld-slow.log]
 destination:
   host: logs.papertrailapp.com
   port: 12345   # optional, defaults to 514

data/examples/remote_syslog.supervisor.conf

@@ -0,0 +1,9 @@
+# Supervisor conf file for stock Ubuntu 11.04 install
+[program:remote_syslog]
+
+command=/var/lib/gems/1.8/bin/remote_syslog --no-detach
+user=root
+group=root
+autostart=true
+autorestart=true
+redirect_stderr=true

data/lib/remote_syslog/reader.rb

@@ -1,57 +1,69 @@
+require 'eventmachine'
+require 'eventmachine-tail'
+require 'em-dns-resolver'
+require 'syslog_protocol'
+
 module RemoteSyslog
   class Reader < EventMachine::FileTail
-    def initialize(path, dest_addr, dest_port, options = {})
-      @dest_addr = dest_addr
-      @dest_port = dest_port.to_i
-      
+    COLORED_REGEXP = /\e\[(?:(?:[34][0-7]|[0-9]);){0,2}(?:[34][0-7]|[0-9])m/
+
+    def initialize(path, destination_address, destination_port, options = {})
+      super(path, -1)
+
+      @destination_address = destination_address
+      @destination_port    = destination_port.to_i
+
+      @strip_color = options[:strip_color]
+
       @socket = options[:socket] || EventMachine.open_datagram_socket('0.0.0.0', 0)
-      @program = options[:program] || File.basename(path) || 'remote_syslog'
-      @hostname = options[:hostname] || `hostname`.strip
-      @hostname = 'localhost' unless @hostname && @hostname != ''
-      
-      if options[:severity]
-        @severity = severity_value(options[:severity]) || raise(ArgumentError, "Invalid severity: #{options[:severity]} (valid: #{severities.keys.join(', ')})")
-      else
-        @severity = severity_value(:notice)
+
+      @buffer = BufferedTokenizer.new
+
+      @packet = SyslogProtocol::Packet.new
+
+      local_hostname = options[:hostname] || (Socket.gethostname rescue `hostname`.chomp)
+      if local_hostname.nil? || local_hostname.empty?
+        local_hostname = 'localhost'
       end
-      
-      if options[:facility]
-        @facility = facility_value(options[:facility]) || raise(ArgumentError, "Invalid facility: #{options[:facility]} (valid: #{facilities.keys.join(', ')}")
-      else
-        @facility = facility_value(:user)
+
+      @packet.hostname = local_hostname
+      @packet.facility = options[:facility] || 'user'
+      @packet.severity = options[:severity] || 'notice'
+      @packet.tag      = options[:program]  || File.basename(path) || File.basename($0)
+
+      # Try to resolve the destination address
+      resolve_destination_address
+
+      # Every 60 seconds we'll see if the address has changed
+      EventMachine.add_periodic_timer(60) do
+        resolve_destination_address
       end
+    end
 
-      super(path, -1)
-      @buffer = BufferedTokenizer.new
+    def resolve_destination_address
+      request = EventMachine::DnsResolver.resolve(@destination_address)
+      request.callback do |addrs|
+        @cached_destination_ip = addrs.first
+      end
     end
-  
+
     def receive_data(data)
       @buffer.extract(data).each do |line|
         transmit(line)
       end
     end
 
+    def destination_address
+      @cached_destination_ip || @destination_address
+    end
+
     def transmit(message)
-      time ||= Time.now
-      day = time.strftime('%b %d').sub(/0(\d)/, ' \\1')
+      message = message.gsub(COLORED_REGEXP, '') if @strip_color
 
-      @socket.send_datagram("<#{(@facility) + @severity}>#{day} #{time.strftime('%T')} #{@hostname} #{@program}: #{message}", @dest_addr, @dest_port)
-    end
-    
-    def facility_value(f)
-      f.is_a?(Integer) ? f*8 : facilities[f.to_sym]
-    end
-    
-    def severity_value(s)
-      s.is_a?(Integer) ? s : severities[s.to_sym]
-    end
-    
-    def facilities
-      Levels::FACILITIES
-    end
-    
-    def severities
-      Levels::SEVERITIES
+      packet = @packet.dup
+      packet.content = message
+
+      @socket.send_datagram(packet.assemble, destination_address, @destination_port)
     end
   end
 end

data/lib/remote_syslog.rb

@@ -1,5 +1,5 @@
 module RemoteSyslog
- VERSION = "1.0.0"
+ VERSION = "1.1.0"
 end
 
 require 'remote_syslog/levels'

data/remote_syslog.gemspec

@@ -8,8 +8,8 @@ Gem::Specification.new do |s|
   ## If your rubyforge_project name is different, then edit it and comment out
   ## the sub! line in the Rakefile
   s.name              = 'remote_syslog'
-  s.version           = '1.0.0'
-  s.date              = '2011-03-22'
+  s.version           = '1.1.0'
+  s.date              = '2011-05-26'
   s.rubyforge_project = 'remote_syslog'
 
   ## Make sure your summary is short. The description may be as long
@@ -20,18 +20,14 @@ Gem::Specification.new do |s|
   ## List the primary authors. If there are a bunch of authors, it's probably
   ## better to set the email to an email list or something. If you don't have
   ## a custom homepage, consider using your GitHub URL or the like.
-  s.authors  = ['Papertrail']
-  s.email    = 'troy@sevenscale.com'
+  s.authors  = [ 'Troy Davis', 'Eric Lindvall' ]
+  s.email    = [ 'troy@sevenscale.com', 'eric@sevenscale.com' ]
   s.homepage = 'http://github.com/papertrail/remote_syslog'
   
   ## This gets added to the $LOAD_PATH so that 'lib/NAME.rb' can be required as
   ## require 'NAME.rb' or'/lib/NAME/file.rb' can be as require 'NAME/file.rb'
   s.require_paths = %w[lib]
 
-  ## This sections is only necessary if you have C extensions.
-  #s.require_paths << 'ext'
-  #s.extensions = %w[ext/extconf.rb]
-
   ## If your gem includes any executables, list them here.
   s.executables = ['remote_syslog']
   s.default_executable = 'remote_syslog'
@@ -47,6 +43,8 @@ Gem::Specification.new do |s|
   s.add_dependency 'daemons'
   s.add_dependency 'eventmachine'
   s.add_dependency 'eventmachine-tail'
+  s.add_dependency 'syslog_protocol'
+  s.add_dependency 'em-resolv-replace'
 
   ## List your development dependencies here. Development dependencies are
   ## those that are only needed during development
@@ -64,6 +62,7 @@ Gem::Specification.new do |s|
     bin/remote_syslog
     examples/log_files.yml.example
     examples/remote_syslog.init.d
+    examples/remote_syslog.supervisor.conf
     lib/remote_syslog.rb
     lib/remote_syslog/levels.rb
     lib/remote_syslog/reader.rb

metadata

@@ -1,21 +1,22 @@
 --- !ruby/object:Gem::Specification 
 name: remote_syslog
 version: !ruby/object:Gem::Version 
-  hash: 23
+  hash: 19
   prerelease: false
   segments: 
   - 1
+  - 1
   - 0
-  - 0
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors: 
-- Papertrail
+- Troy Davis
+- Eric Lindvall
 autorequire: 
 bindir: bin
 cert_chain: []
 
-date: 2011-03-22 00:00:00 -07:00
+date: 2011-05-26 00:00:00 -07:00
 default_executable: remote_syslog
 dependencies: 
 - !ruby/object:Gem::Dependency 
@@ -60,8 +61,38 @@ dependencies:
         version: "0"
   type: :runtime
   version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: syslog_protocol
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: em-resolv-replace
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id005
 description: Lightweight daemon to tail one or more log files and transmit UDP syslog messages to a remote syslog host (centralized log aggregation). Generates UDP packets itself instead of depending on a system syslog daemon, so it doesn't affect system-wide logging configuration.
-email: troy@sevenscale.com
+email: 
+- troy@sevenscale.com
+- eric@sevenscale.com
 executables: 
 - remote_syslog
 extensions: []
@@ -77,6 +108,7 @@ files:
 - bin/remote_syslog
 - examples/log_files.yml.example
 - examples/remote_syslog.init.d
+- examples/remote_syslog.supervisor.conf
 - lib/remote_syslog.rb
 - lib/remote_syslog/levels.rb
 - lib/remote_syslog/reader.rb