Initial project upload
This commit is contained in:
parent
1c6c93505b
commit
069aeed2bf
13
README.md
13
README.md
|
|
@ -1,3 +1,14 @@
|
||||||
# gelf-reader
|
# gelf-reader
|
||||||
|
|
||||||
Simple GELF reader application
|
Simple GELF reader application
|
||||||
|
|
||||||
|
This is a simple application which opens a network port (currently UDP only) and receives a GELF input from Graylog or any other application. The primary purpose was to be able to filter some messages from many hosts in Graylog and output it onto this reader. Then you can process this aggregated and filtered log with (for example) fail2ban to block attackers on the router, firewall or hypervisor.
|
||||||
|
|
||||||
|
Usage:
|
||||||
|
gelf-reader [OPTIONS]
|
||||||
|
where options is:
|
||||||
|
-listen <ip>:<port> - the address and port to listen at
|
||||||
|
-output <filename> - output to file (stdout if omit)
|
||||||
|
-version - show version and exit
|
||||||
|
|
||||||
|
WARNING: There are no authentication nor any other host restriction mechanisms, this should be used in trusted (private and/or properly firewalled) networks.
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,63 @@
|
||||||
|
// Production build: go build -ldflags="-w" -o gelf-reader_release gelf-reader
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"flag"
|
||||||
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"log"
|
||||||
|
"os"
|
||||||
|
|
||||||
|
"gopkg.in/Graylog2/go-gelf.v2/gelf"
|
||||||
|
)
|
||||||
|
|
||||||
|
const (
|
||||||
|
VERSION = "0.1.2"
|
||||||
|
)
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
var (
|
||||||
|
listenAddr string
|
||||||
|
outputFile string
|
||||||
|
showVersion bool
|
||||||
|
outWriter io.Writer
|
||||||
|
)
|
||||||
|
|
||||||
|
flag.StringVar(&listenAddr, "listen", "0.0.0.0:12201", "listen address")
|
||||||
|
flag.StringVar(&outputFile, "output", "", "Output file (stdout if empty)")
|
||||||
|
flag.BoolVar(&showVersion, "version", false, "Show version and exit")
|
||||||
|
flag.Parse()
|
||||||
|
|
||||||
|
fmt.Printf("GELF reader server %v\n", VERSION)
|
||||||
|
if showVersion {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(outputFile) > 0 {
|
||||||
|
outFile, err := os.OpenFile(outputFile, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0755)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatalf("Error opening output file\n%s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
outWriter = outFile
|
||||||
|
defer outFile.Close()
|
||||||
|
} else {
|
||||||
|
outWriter = os.Stdout
|
||||||
|
}
|
||||||
|
|
||||||
|
gelfReader, err := gelf.NewReader(listenAddr)
|
||||||
|
if err != nil {
|
||||||
|
log.Fatalf("Error creating GELF network reader\n%s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
fmt.Printf("Listening on %v\n", gelfReader.Addr())
|
||||||
|
|
||||||
|
for {
|
||||||
|
msg, err := gelfReader.ReadMessage()
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Error reading message\n%s\n", err)
|
||||||
|
} else {
|
||||||
|
fmt.Fprintf(outWriter, "%f %v: %v\n", msg.TimeUnix, msg.Host, msg.Short)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue