syslog_protocol 0.9.0

data/Gemfile

@@ -0,0 +1,2 @@
+source :rubygems
+gemspec

data/README.md

@@ -0,0 +1,84 @@
+# Syslog protocol
+
+roughly conforms to the murky shade of grey known as http://www.faqs.org/rfcs/rfc3164.html
+
+## Examples
+
+### Manipulate packets manually
+
+    require 'syslog_protocol'
+    
+    p = SyslogProtocol::Packet.new
+    p.hostname = "space_station"
+    p.facility = "kern"
+    p.severity = "warn"
+    p.tag = "test"
+    p.content = "flight control broken"
+    p.to_s
+    # => "<4>Aug  1 14:01:17 space_station flight control broken"
+    p.pri
+    # => 4
+    p.facility
+    # => 0
+    p.facility_name
+    # => "kern"
+    p.severity_name
+    # => "warn"
+    p.warn?
+    # => true
+    p.info?
+    # => false
+
+
+### Use a Logger to generate packets
+
+    require 'syslog_protocol'
+    
+    logger = SyslogProtocol::Logger.new("space_station", "uucp")
+    logger.debug("looking for uucp on board the space station")
+    # => "<67>Aug  1 14:02:29 space_station looking for uucp on board the space station"
+    logger.emerg("omg we cant find uucp on the space station")
+    # => "<64>Aug  1 14:03:56 space_station omg we cant find uucp on the space station"
+
+
+### Parse packets
+
+    require 'syslog_protocol'
+    
+    p = SyslogProtocol.parse("<34>Oct 11 22:14:15 space_station space is really getting to me")
+    p.facility
+    # => 4
+    p.severity_name
+    # => "crit"
+    p.time
+    # => Sun Oct 11 22:14:15 -0700 2009
+    p.content
+    # => "space is really getting to me"
+
+
+### It yells at you for trying to abuse the protocol
+
+    p = SyslogProtocol::Packet.new
+    p.facility = 34534534
+    # => ArgumentError: Facility must be within 0-23
+    p.hostname = "my host"
+    # => ArgumentError: Hostname may not contain spaces
+    p.hostname = "h\000stname"
+    # => ArgumentError: Hostname may only contain ASCII characters 33-126
+    # ...etc.
+    # It will also unintelligently truncate messages > 1024 bytes so beware.
+
+
+## Caveats
+
+Syslog is a terrible and loosely defined protocol. Many devices and programs do not
+conform to it and so their packets may not be parsed correctly by this interpretation,
+nor may the packets generated by this necessarily be recognized by other devices or programs ;)
+
+This is probably wrong and buggy, and i know the code is ugly, thanks.
+
+Good luck.
+
+## TODO
+
+* Update to more closely map to the ruby `syslog` API where possible

data/Rakefile

@@ -0,0 +1,150 @@
+require 'rubygems'
+require 'rake'
+require 'date'
+
+#############################################################################
+#
+# Helper functions
+#
+#############################################################################
+
+def name
+  @name ||= Dir['*.gemspec'].first.split('.').first
+end
+
+def version
+  line = File.read("lib/#{name}.rb")[/^\s*VERSION\s*=\s*.*/]
+  line.match(/.*VERSION\s*=\s*['"](.*)['"]/)[1]
+end
+
+def date
+  Date.today.to_s
+end
+
+def rubyforge_project
+  name
+end
+
+def gemspec_file
+  "#{name}.gemspec"
+end
+
+def gem_file
+  "#{name}-#{version}.gem"
+end
+
+def replace_header(head, header_name)
+  head.sub!(/(\.#{header_name}\s*= ').*'/) { "#{$1}#{send(header_name)}'"}
+end
+
+#############################################################################
+#
+# Standard tasks
+#
+#############################################################################
+
+task :default => :test
+
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+desc "Generate RCov test coverage and open in your browser"
+task :coverage do
+  require 'rcov'
+  sh "rm -fr coverage"
+  sh "rcov test/test_*.rb"
+  sh "open coverage/index.html"
+end
+
+require 'rake/rdoctask'
+Rake::RDocTask.new do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "#{name} #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+desc "Open an irb session preloaded with this library"
+task :console do
+  sh "irb -rubygems -r ./lib/#{name}.rb"
+end
+
+#############################################################################
+#
+# Custom tasks (add your own tasks here)
+#
+#############################################################################
+
+
+
+#############################################################################
+#
+# Packaging tasks
+#
+#############################################################################
+
+desc "Create tag v#{version} and build and push #{gem_file} to Rubygems"
+task :release => :build do
+  unless `git branch` =~ /^\* master$/
+    puts "You must be on the master branch to release!"
+    exit!
+  end
+  sh "git commit --allow-empty -a -m 'Release #{version}'"
+  sh "git tag v#{version}"
+  sh "git push origin master"
+  sh "git push origin v#{version}"
+  sh "gem push pkg/#{name}-#{version}.gem"
+end
+
+desc "Build #{gem_file} into the pkg directory"
+task :build => :gemspec do
+  sh "mkdir -p pkg"
+  sh "gem build #{gemspec_file}"
+  sh "mv #{gem_file} pkg"
+end
+
+desc "Generate #{gemspec_file}"
+task :gemspec => :validate do
+  # read spec file and split out manifest section
+  spec = File.read(gemspec_file)
+  head, manifest, tail = spec.split("  # = MANIFEST =\n")
+
+  # replace name version and date
+  replace_header(head, :name)
+  replace_header(head, :version)
+  replace_header(head, :date)
+  #comment this out if your rubyforge_project has a different name
+  replace_header(head, :rubyforge_project)
+
+  # determine file list from git ls-files
+  files = `git ls-files`.
+    split("\n").
+    sort.
+    reject { |file| file =~ /^\./ }.
+    reject { |file| file =~ /^(rdoc|pkg)/ }.
+    map { |file| "    #{file}" }.
+    join("\n")
+
+  # piece file back together and write
+  manifest = "  s.files = %w[\n#{files}\n  ]\n"
+  spec = [head, manifest, tail].join("  # = MANIFEST =\n")
+  File.open(gemspec_file, 'w') { |io| io.write(spec) }
+  puts "Updated #{gemspec_file}"
+end
+
+desc "Validate #{gemspec_file}"
+task :validate do
+  libfiles = Dir['lib/*'] - ["lib/#{name}.rb", "lib/#{name}"]
+  unless libfiles.empty?
+    puts "Directory `lib` should only contain a `#{name}.rb` file and `#{name}` dir."
+    exit!
+  end
+  unless Dir['VERSION*'].empty?
+    puts "A `VERSION` file at root level violates Gem best practices."
+    exit!
+  end
+end

data/lib/syslog_protocol.rb

@@ -0,0 +1,8 @@
+require 'syslog_protocol/common'
+require 'syslog_protocol/packet'
+require 'syslog_protocol/logger'
+require 'syslog_protocol/parser'
+
+module SyslogProtocol
+  VERSION = '0.9.0'
+end

data/lib/syslog_protocol/common.rb

@@ -0,0 +1,79 @@
+module SyslogProtocol
+  # These hashes stolen from Syslog.pm
+  
+  FACILITIES = {
+    'kern'     => 0,
+    'user'     => 1,
+    'mail'     => 2,
+    'daemon'   => 3,
+    'auth'     => 4,
+    'syslog'   => 5,
+    'lpr'      => 6,
+    'news'     => 7,
+    'uucp'     => 8,
+    'cron'     => 9,
+    'authpriv' => 10,
+    'ftp'      => 11,
+    'ntp'      => 12,
+    'audit'    => 13,
+    'alert'    => 14,
+    'at'       => 15,
+    'local0'   => 16,
+    'local1'   => 17,
+    'local2'   => 18,
+    'local3'   => 19,
+    'local4'   => 20,
+    'local5'   => 21,
+    'local6'   => 22,
+    'local7'   => 23
+  }
+  
+  FACILITY_INDEX = {
+    0   => 'kern',
+    1   => 'user',
+    2   => 'mail',
+    3   => 'daemon',
+    4   => 'auth',
+    5   => 'syslog',
+    6   => 'lpr',
+    7   => 'news',
+    8   => 'uucp',
+    9   => 'cron',
+    10  => 'authpriv',
+    11  => 'ftp',
+    12  => 'ntp',
+    13  => 'audit',
+    14  => 'alert',
+    15  => 'at',
+    16  => 'local0',
+    17  => 'local1',
+    18  => 'local2',
+    19  => 'local3',
+    20  => 'local4',
+    21  => 'local5',
+    22  => 'local6',
+    23  => 'local7'
+  }
+  
+  SEVERITIES = {
+    'emerg'   => 0,
+    'alert'   => 1,
+    'crit'    => 2,
+    'err'     => 3,
+    'warn'    => 4,
+    'notice'  => 5,
+    'info'    => 6,
+    'debug'   => 7 
+  }
+  
+  SEVERITY_INDEX = {
+    0  => 'emerg',
+    1  => 'alert',
+    2  => 'crit',
+    3  => 'err',
+    4  => 'warn',
+    5  => 'notice',
+    6  => 'info',
+    7  => 'debug'
+  }
+end

data/lib/syslog_protocol/logger.rb

@@ -0,0 +1,21 @@
+module SyslogProtocol
+  class Logger
+    def initialize(hostname, tag, facility)
+      @packet = Packet.new
+      @packet.hostname = hostname
+      @packet.tag      = tag
+      @packet.facility = facility
+    end
+    
+    SEVERITIES.each do |k,v|
+      define_method(k) do |content|
+        raise ArgumentError.new("Message may not be omitted") unless content and content.length > 0
+
+        p = @packet.dup
+        p.severity = k
+        p.content = content
+        p.assemble
+      end
+    end
+  end
+end

data/lib/syslog_protocol/packet.rb

@@ -0,0 +1,122 @@
+module SyslogProtocol
+  class Packet
+    attr_reader :facility, :severity, :hostname, :tag
+    attr_accessor :time, :content
+        
+    def to_s
+      assemble
+    end
+
+    def assemble
+      unless @hostname and @facility and @severity and @tag
+        raise "Could not assemble packet without hostname, tag, facility, and severity"
+      end
+      data = "<#{pri}>#{generate_timestamp} #{@hostname} #{@tag}: #{@content}"
+      while data.bytesize > 1024
+        data = data[0..(data.length-2)]
+      end
+      data
+    end
+    
+    def facility=(f)
+      if f.is_a? Integer
+        if (0..23).include?(f)
+          @facility = f
+        else
+          raise ArgumentError.new "Facility must be within 0-23"
+        end
+      elsif f.is_a? String
+        if facility = FACILITIES[f]
+          @facility = facility
+        else
+          raise ArgumentError.new "'#{f}' is not a designated facility"
+        end
+      else
+        raise ArgumentError.new "Facility must be a designated number or string"
+      end
+    end
+
+    def tag=(t)
+      unless t && t.is_a?(String) && t.length > 0
+        raise ArgumentError, "Tag must not be omitted"
+      end
+      if t.length > 32
+        raise ArgumentError, "Tag must not be longer than 32 characters"
+      end
+      if t =~ /\s/
+        raise ArgumentError, "Tag may not contain spaces"
+      end
+      if t =~ /[^\x21-\x7E]/
+        raise ArgumentError, "Tag may only contain ASCII characters 33-126"
+      end
+
+      @tag = t
+    end
+
+    def severity=(s)
+      if s.is_a? Integer
+        if (0..7).include?(s)
+          @severity = s
+        else
+          raise ArgumentError.new "Severity must be within 0-7"
+        end
+      elsif s.is_a? String
+        if severity = SEVERITIES[s]
+          @severity = severity
+        else
+          raise ArgumentError.new "'#{s}' is not a designated severity"
+        end
+      else
+        raise ArgumentError.new "Severity must be a designated number or string"
+      end
+    end
+
+    def hostname=(h)
+      unless h and h.is_a? String and h.length > 0
+        raise ArgumentError.new("Hostname may not be omitted")
+      end
+      if h =~ /\s/
+        raise ArgumentError.new("Hostname may not contain spaces")
+      end
+      if h =~ /[^\x21-\x7E]/
+        raise ArgumentError.new("Hostname may only contain ASCII characters 33-126")
+      end
+      @hostname = h
+    end
+
+    def facility_name
+      FACILITY_INDEX[@facility]
+    end
+
+    def severity_name
+      SEVERITY_INDEX[@severity]
+    end
+
+    def pri
+      (@facility * 8) + @severity
+    end
+
+    def pri=(p)
+      unless p.is_a? Integer and (0..191).include?(p)
+        raise ArgumentError.new "PRI must be a number between 0 and 191"
+      end
+      @facility = p / 8
+      @severity = p - (@facility * 8)
+    end
+    
+    def generate_timestamp
+      time = @time || Time.now
+      # The timestamp format requires that a day with fewer than 2 digits have
+      # what would normally be a preceding zero, be instead an extra space.
+      day = time.strftime("%d")
+      day = day.sub(/^0/, ' ') if day =~ /^0\d/
+      time.strftime("%b #{day} %H:%M:%S")
+    end
+    
+    SEVERITIES.each do |k,v|
+      define_method("#{k}?") {SEVERITIES[k] == @severity}
+    end
+    
+  end
+
+end

data/lib/syslog_protocol/parser.rb

@@ -0,0 +1,57 @@
+require 'time'
+
+module SyslogProtocol
+  
+  def self.parse(msg, origin=nil)
+    packet = Packet.new
+    original_msg = msg.dup
+    pri = parse_pri(msg)
+    if pri and (pri = pri.to_i).is_a? Integer and (0..191).include?(pri)
+      packet.pri = pri
+    else
+      # If there isn't a valid PRI, treat the entire message as content
+      packet.pri = 13
+      packet.time = Time.now
+      packet.hostname = origin || 'unknown'
+      packet.content = original_msg
+      return packet
+    end
+    time = parse_time(msg)
+    if time
+      packet.time = Time.parse(time)
+    else
+      packet.time = Time.now
+    end
+    hostname = parse_hostname(msg)
+    packet.hostname = hostname || origin
+    if m = msg.match(/^(\w+)(: | )(.*)$/)
+      packet.tag = m[1]
+      packet.content = m[3]
+    else
+      packet.tag = 'unknown'
+      packet.content = msg
+    end
+    packet
+  end
+  
+  private
+  
+  def self.parse_pri(msg)
+    pri = msg.slice!(/<(\d\d?\d?)>/)
+    pri = pri.slice(/\d\d?\d?/) if pri
+    if !pri or (pri =~ /^0/ and pri !~ /^0$/)
+      return nil
+    else
+      return pri
+    end
+  end
+  
+  def self.parse_time(msg)
+    msg.slice!(/(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s(\s|[1-9])\d\s\d\d:\d\d:\d\d\s/)
+  end
+  
+  def self.parse_hostname(msg)
+    msg.slice!(/^[\x21-\x7E]+\s/).rstrip
+  end
+  
+end

data/syslog_protocol.gemspec

@@ -0,0 +1,81 @@
+## This is the rakegem gemspec template. Make sure you read and understand
+## all of the comments. Some sections require modification, and others can
+## be deleted if you don't need them. Once you understand the contents of
+## this file, feel free to delete any comments that begin with two hash marks.
+## You can find comprehensive Gem::Specification documentation, at
+## http://docs.rubygems.org/read/chapter/20
+Gem::Specification.new do |s|
+  s.specification_version = 2 if s.respond_to? :specification_version=
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.rubygems_version = '1.3.5'
+
+  ## Leave these as is they will be modified for you by the rake gemspec task.
+  ## If your rubyforge_project name is different, then edit it and comment out
+  ## the sub! line in the Rakefile
+  s.name              = 'syslog_protocol'
+  s.version           = '0.9.0'
+  s.date              = "2009-08-01"
+  # s.rubyforge_project = 'syslog_protocol'
+
+  ## Make sure your summary is short. The description may be as long
+  ## as you like.
+  s.summary     = "Syslog protocol parser and generator"
+  s.description = "Syslog protocol parser and generator"
+
+  ## List the primary authors. If there are a bunch of authors, it's probably
+  ## better to set the email to an email list or something. If you don't have
+  ## a custom homepage, consider using your GitHub URL or the like.
+  s.authors = ["Jake Douglas", 'Eric Lindvall']
+  s.email = [ "jakecdouglas@gmail.com", 'eric@5stops.com' ]
+  s.homepage = 'https://github.com/eric/syslog_protocol'
+
+  ## This gets added to the $LOAD_PATH so that 'lib/NAME.rb' can be required as
+  ## require 'NAME.rb' or'/lib/NAME/file.rb' can be as require 'NAME/file.rb'
+  s.require_paths = %w[lib]
+
+  ## This sections is only necessary if you have C extensions.
+  # s.require_paths << 'ext'
+  # s.extensions = %w[ext/extconf.rb]
+
+  ## If your gem includes any executables, list them here.
+  # s.executables = ["name"]
+  # s.default_executable = 'name'
+
+  ## Specify any RDoc options here. You'll want to add your README and
+  ## LICENSE files to the extra_rdoc_files list.
+  s.rdoc_options = ["--charset=UTF-8"]
+  s.extra_rdoc_files = %w[README.md]
+
+  ## List your runtime dependencies here. Runtime dependencies are those
+  ## that are needed for an end user to actually USE your code.
+  # s.add_dependency('DEPNAME', [">= 1.1.0", "< 2.0.0"])
+
+  ## List your development dependencies here. Development dependencies are
+  ## those that are only needed during development
+  s.add_development_dependency('bacon', [ '~> 1.1.0' ])
+
+  ## Leave this section as-is. It will be automatically generated from the
+  ## contents of your Git repository via the gemspec task. DO NOT REMOVE
+  ## THE MANIFEST COMMENTS, they are used as delimiters by the task.
+  # = MANIFEST =
+  s.files = %w[
+    Gemfile
+    README.md
+    Rakefile
+    lib/syslog_protocol.rb
+    lib/syslog_protocol/common.rb
+    lib/syslog_protocol/logger.rb
+    lib/syslog_protocol/packet.rb
+    lib/syslog_protocol/parser.rb
+    syslog_protocol.gemspec
+    test/helper.rb
+    test/test_logger.rb
+    test/test_packet.rb
+    test/test_parser.rb
+  ]
+  # = MANIFEST =
+
+  ## Test files will be grabbed from the file list. Make sure the path glob
+  ## matches what you actually use.
+  s.test_files = s.files.select { |path| path =~ /^test\/test_.*\.rb/ }
+end

data/test/helper.rb

@@ -0,0 +1,13 @@
+$:.unshift File.expand_path('../../lib', __FILE__)
+
+unless ENV['BUNDLE_GEMFILE']
+  require 'rubygems'
+  require 'bundler'
+  Bundler.setup
+  Bundler.require
+end
+
+require 'bacon'
+Bacon.summary_at_exit
+
+require 'syslog_proto'

data/test/test_logger.rb

@@ -0,0 +1,28 @@
+require File.expand_path('../helper', __FILE__)
+
+describe "syslog logger" do
+  
+  it "create a new logger with hostname and facility" do
+    lambda {@logger = SyslogProto::Logger.new("space_station", 'test', "local0")}.should.not.raise
+  end
+  
+  it "hostname and facility must conform to the requirements of a Packet" do
+    lambda {SyslogProto::Logger.new("space station", "some shit", 'test test')}.should.raise ArgumentError
+  end
+  
+  it "generates packets" do
+    # We have to set a time so we have a consistant timestamp to check against..
+    p = @logger.instance_variable_get("@packet")
+    p.time = Time.now
+    ts = p.generate_timestamp
+    @logger.debug("vacuum tubez are operational").should.equal "<135>#{ts} space_station test: vacuum tubez are operational"
+    @logger.info("firing thrusters at 13 degrees").should.equal "<134>#{ts} space_station test: firing thrusters at 13 degrees"
+    @logger.notice("the hyper drive has been activated").should.equal "<133>#{ts} space_station test: the hyper drive has been activated"
+    @logger.warn("meteorites incoming!").should.equal "<132>#{ts} space_station test: meteorites incoming!"
+    @logger.err("vacuum tube 3 in hyper drive failed").should.equal "<131>#{ts} space_station test: vacuum tube 3 in hyper drive failed"
+    @logger.crit("wing struck by a meteorite!").should.equal "<130>#{ts} space_station test: wing struck by a meteorite!"
+    @logger.alert("LEAKING ATMOSPHERE").should.equal "<129>#{ts} space_station test: LEAKING ATMOSPHERE"
+    @logger.emerg("LEAKING ASTRONAUTS WE ARE DONE").should.equal "<128>#{ts} space_station test: LEAKING ASTRONAUTS WE ARE DONE"
+  end
+  
+end

data/test/test_packet.rb

@@ -0,0 +1,92 @@
+require File.expand_path('../helper', __FILE__)
+
+describe "a syslog packet" do
+  
+  @p = SyslogProto::Packet.new
+  
+  it "should embarrass a person who does not set the fields" do
+    lambda { @p.to_s }.should.raise RuntimeError
+  end
+  
+  it "hostname may not be omitted" do
+    lambda {@p.hostname = ""}.should.raise ArgumentError
+  end
+  
+  it "hostname may only contain ASCII characters 33-126 (no spaces!)" do
+    lambda {@p.hostname = "linux box"}.should.raise ArgumentError
+    lambda {@p.hostname = "\000" + "linuxbox"}.should.raise ArgumentError
+    lambda {@p.hostname = "space_station"}.should.not.raise
+  end
+  
+  it 'tag may only contain ASCII characters 33-126 (no spaces!)' do
+    lambda {@p.tag = "linux box"}.should.raise ArgumentError
+    lambda {@p.tag = "\000" + "linuxbox"}.should.raise ArgumentError
+    lambda {@p.tag = "test"}.should.not.raise
+  end
+
+  it "facility may only be set within 0-23 or with a proper string name" do
+    lambda {@p.facility = 666}.should.raise ArgumentError
+    lambda {@p.facility = "mir space station"}.should.raise ArgumentError
+    
+    lambda {@p.facility = 16}.should.not.raise
+    @p.facility.should.equal 16
+    lambda {@p.facility = 'local0'}.should.not.raise
+    @p.facility.should.equal 16
+  end
+  
+  it "severity may only be set within 0-7 or with a proper string name" do
+    lambda {@p.severity = 9876}.should.raise ArgumentError
+    lambda {@p.severity = "omgbroken"}.should.raise ArgumentError
+    
+    lambda {@p.severity = 6}.should.not.raise
+    @p.severity.should.equal 6
+    lambda {@p.severity = 'info'}.should.not.raise
+    @p.severity.should.equal 6
+  end
+  
+  it "severity can be checked using 'some_severity?' methods" do
+    @p.info?.should.equal true
+    @p.alert?.should.equal false
+    @p.emerg?.should.equal false
+  end
+  
+  it "PRI is calculated from the facility and severity" do
+    @p.pri.should.equal 134
+  end
+  
+  it "PRI may only be within 0-191" do
+    lambda {@p.pri = 22331}.should.raise ArgumentError
+    lambda {@p.pri = "foo"}.should.raise ArgumentError
+  end
+  
+  it "facility and severity are deduced and set from setting a valid PRI" do
+    @p.pri = 165
+    @p.severity.should.equal 5
+    @p.facility.should.equal 20
+  end
+  
+  it "return the proper names for facility and severity" do
+    @p.severity_name.should.equal 'notice'
+    @p.facility_name.should.equal 'local4'
+  end
+  
+  it "set a message, which apparently can be anything" do
+    @p.content = "exploring ze black hole"
+    @p.content.should.equal "exploring ze black hole"
+  end
+  
+  it "timestamp must conform to the retarded format" do
+    @p.generate_timestamp.should.match /(Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec)\s(\s|[1-9])\d\s\d\d:\d\d:\d\d/
+  end
+  
+  it "use the current time and assemble the packet" do
+    timestamp = @p.generate_timestamp
+    @p.to_s.should.equal "<165>#{timestamp} space_station test: exploring ze black hole"
+  end
+  
+  it "packets larger than 1024 will be truncated" do
+    @p.content = "space warp" * 1000
+    @p.to_s.bytesize.should.equal 1024
+  end
+  
+end

data/test/test_parser.rb

@@ -0,0 +1,51 @@
+require File.expand_path('../helper', __FILE__)
+
+describe "syslog packet parser" do
+  
+  it "parse some valid packets" do
+    p = SyslogProto.parse("<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8")
+    p.facility.should.equal 4
+    p.severity.should.equal 2
+    p.pri.should.equal 34
+    p.hostname.should.equal "mymachine"
+    p.tag.should.equal 'su'
+    p.content.should.equal "'su root' failed for lonvick on /dev/pts/8"
+    p.time.should.equal Time.parse("Oct 11 22:14:15")
+    
+    p = SyslogProto.parse("<13>Feb  5 17:32:18 10.0.0.99 test: Use the BFG!")
+    p.facility.should.equal 1
+    p.severity.should.equal 5
+    p.pri.should.equal 13
+    p.hostname.should.equal "10.0.0.99"
+    p.tag.should.equal 'test'
+    p.content.should.equal "Use the BFG!"
+    p.time.should.equal Time.parse("Feb  5 17:32:18")
+  end
+  
+  it "treat a packet with no valid PRI as all content, setting defaults" do
+    p = SyslogProto.parse("nomnom")
+    p.facility.should.equal 1
+    p.severity.should.equal 5
+    p.pri.should.equal 13
+    p.hostname.should.equal 'unknown'
+    p.content.should.equal "nomnom"
+  end
+  
+  it "PRI with preceding 0's shall be considered invalid" do
+    p = SyslogProto.parse("<045>Oct 11 22:14:15 space_station my PRI is not valid")
+    p.facility.should.equal 1
+    p.severity.should.equal 5
+    p.pri.should.equal 13
+    p.hostname.should.equal 'unknown'
+    p.content.should.equal "<045>Oct 11 22:14:15 space_station my PRI is not valid"
+  end
+  
+  it "allow the user to pass an origin to be used as the hostname if packet is invalid" do
+    p = SyslogProto.parse("<045>Oct 11 22:14:15 space_station my PRI is not valid", '127.0.0.1')
+    p.facility.should.equal 1
+    p.severity.should.equal 5
+    p.pri.should.equal 13
+    p.hostname.should.equal '127.0.0.1'
+    p.content.should.equal "<045>Oct 11 22:14:15 space_station my PRI is not valid"
+  end
+end

metadata

@@ -0,0 +1,99 @@
+--- !ruby/object:Gem::Specification 
+name: syslog_protocol
+version: !ruby/object:Gem::Version 
+  hash: 59
+  prerelease: false
+  segments: 
+  - 0
+  - 9
+  - 0
+  version: 0.9.0
+platform: ruby
+authors: 
+- Jake Douglas
+- Eric Lindvall
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-08-01 00:00:00 -07:00
+default_executable: 
+dependencies: 
+- !ruby/object:Gem::Dependency 
+  name: bacon
+  prerelease: false
+  requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 19
+        segments: 
+        - 1
+        - 1
+        - 0
+        version: 1.1.0
+  type: :development
+  version_requirements: *id001
+description: Syslog protocol parser and generator
+email: 
+- jakecdouglas@gmail.com
+- eric@5stops.com
+executables: []
+
+extensions: []
+
+extra_rdoc_files: 
+- README.md
+files: 
+- Gemfile
+- README.md
+- Rakefile
+- lib/syslog_protocol.rb
+- lib/syslog_protocol/common.rb
+- lib/syslog_protocol/logger.rb
+- lib/syslog_protocol/packet.rb
+- lib/syslog_protocol/parser.rb
+- syslog_protocol.gemspec
+- test/helper.rb
+- test/test_logger.rb
+- test/test_packet.rb
+- test/test_parser.rb
+has_rdoc: true
+homepage: https://github.com/eric/syslog_protocol
+licenses: []
+
+post_install_message: 
+rdoc_options: 
+- --charset=UTF-8
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      hash: 3
+      segments: 
+      - 0
+      version: "0"
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.7
+signing_key: 
+specification_version: 2
+summary: Syslog protocol parser and generator
+test_files: 
+- test/test_logger.rb
+- test/test_packet.rb
+- test/test_parser.rb