mirror of
https://github.com/ntop/ntopng.git
synced 2026-04-30 07:59:35 +00:00
Implement export to remote syslog server (implement #4419)
parent
1c73df18db
commit
841b476f59
9 changed files with 184 additions and 33 deletions
|
|
@ -6,12 +6,16 @@ require "lua_utils"
|
|||
local json = require "dkjson"
|
||||
local alert_utils = require "alert_utils"
|
||||
local alert_consts = require "alert_consts"
|
||||
local format_utils = require "format_utils"
|
||||
|
||||
local syslog = {
|
||||
name = "Syslog",
|
||||
conf_max_num = 1, -- At most 1 endpoint
|
||||
endpoint_params = {
|
||||
{ param_name = "syslog_alert_format" },
|
||||
{ param_name = "syslog_protocol", optional = true },
|
||||
{ param_name = "syslog_host", optional = true },
|
||||
{ param_name = "syslog_port", optional = true },
|
||||
},
|
||||
endpoint_template = {
|
||||
plugin_key = "syslog_alert_endpoint",
|
||||
|
|
@ -21,7 +25,7 @@ local syslog = {
|
|||
},
|
||||
recipient_template = {
|
||||
plugin_key = "syslog_alert_endpoint",
|
||||
template_name = "syslog_recipient.template" -- TODO: add template
|
||||
template_name = "syslog_recipient.template"
|
||||
},
|
||||
}
|
||||
|
||||
|
|
@ -37,6 +41,32 @@ end
|
|||
|
||||
-- ##############################################
|
||||
|
||||
local function readSettings(recipient)
|
||||
local settings = {
|
||||
-- Endpoint
|
||||
protocol = recipient.endpoint_conf.syslog_protocol, -- tcp or udp
|
||||
host = recipient.endpoint_conf.syslog_host,
|
||||
port = recipient.endpoint_conf.syslog_port,
|
||||
}
|
||||
|
||||
if isEmptyString(settings.host) then
|
||||
settings.host = nil
|
||||
else
|
||||
if settings.protocol == nil or settings.protocol ~= 'tcp' then
|
||||
settings.protocol = 'udp'
|
||||
end
|
||||
if settings.port == nil then
|
||||
settings.port = 514
|
||||
else
|
||||
settings.port = tonumber(settings.port)
|
||||
end
|
||||
end
|
||||
|
||||
return settings
|
||||
end
|
||||
|
||||
-- ##############################################
|
||||
|
||||
-- @brief Returns the desided formatted output for recipient params
|
||||
function syslog.format_recipient_params(recipient_params)
|
||||
return string.format("(%s)", syslog.name)
|
||||
|
|
@ -44,7 +74,7 @@ end
|
|||
|
||||
-- ##############################################
|
||||
|
||||
function syslog.sendMessage(notif, severity, syslog_format)
|
||||
function syslog.sendMessage(settings, notif, severity, syslog_format)
|
||||
local syslog_severity = alert_consts.alertLevelToSyslogLevel(severity)
|
||||
local msg
|
||||
|
||||
|
|
@ -64,7 +94,27 @@ function syslog.sendMessage(notif, severity, syslog_format)
|
|||
show_entity = true})
|
||||
end
|
||||
|
||||
ntop.syslog(msg, syslog_severity)
|
||||
if settings.host == nil then
|
||||
ntop.syslog(msg, syslog_severity)
|
||||
else
|
||||
local facility = 14 -- log alert
|
||||
local level = 1 -- alert (what about mapping severity?)
|
||||
local prio = (facility * 8) + level
|
||||
local date = format_utils.formatEpoch() -- "2020-11-09 18:00:00"
|
||||
local tag = "ntopng"
|
||||
local info = ntop.getInfo()
|
||||
local pid = info.pid
|
||||
|
||||
-- Example
|
||||
-- Example: <113>09/11/2020 18:31:21 ntopng[21365]: ...
|
||||
msg = "<"..prio..">"..date.." "..tag.."["..pid.."]: "..msg
|
||||
|
||||
if settings.protocol == 'tcp' then
|
||||
ntop.send_tcp_data(settings.host, settings.port, msg, 1 --[[ timeout (msec) --]] )
|
||||
else
|
||||
ntop.send_udp_data(settings.host, settings.port, msg)
|
||||
end
|
||||
end
|
||||
|
||||
return true
|
||||
end
|
||||
|
|
@ -73,15 +123,17 @@ end
|
|||
|
||||
-- Dequeue alerts from a recipient queue for sending notifications
|
||||
function syslog.dequeueRecipientAlerts(recipient, budget, high_priority)
|
||||
local notifications = {}
|
||||
for i = 1, budget do
|
||||
local notification = ntop.recipient_dequeue(recipient.recipient_id, high_priority)
|
||||
if notification then
|
||||
notifications[#notifications + 1] = notification
|
||||
else
|
||||
break
|
||||
end
|
||||
end
|
||||
local settings = readSettings(recipient)
|
||||
|
||||
local notifications = {}
|
||||
for i = 1, budget do
|
||||
local notification = ntop.recipient_dequeue(recipient.recipient_id, high_priority)
|
||||
if notification then
|
||||
notifications[#notifications + 1] = notification
|
||||
else
|
||||
break
|
||||
end
|
||||
end
|
||||
|
||||
if not notifications or #notifications == 0 then
|
||||
return {success = true, more_available = false}
|
||||
|
|
@ -105,7 +157,7 @@ function syslog.dequeueRecipientAlerts(recipient, budget, high_priority)
|
|||
|
||||
-- Most recent notifications first
|
||||
for _, notif in pairsByValues(sev_notifications, alert_utils.notification_timestamp_rev) do
|
||||
syslog.sendMessage(notif, severity, recipient.endpoint_conf.syslog_alert_format)
|
||||
syslog.sendMessage(settings, notif, severity, recipient.endpoint_conf.syslog_alert_format)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
@ -116,19 +168,20 @@ end
|
|||
-- ##############################################
|
||||
|
||||
function syslog.runTest(recipient)
|
||||
local now = os.time()
|
||||
local notif = {
|
||||
alert_tstamp = now,
|
||||
alert_entity = alert_consts.alert_entities.test.entity_id,
|
||||
}
|
||||
local settings = readSettings(recipient)
|
||||
|
||||
local success = syslog.sendMessage(notif, "info", recipient.endpoint_conf.syslog_alert_format)
|
||||
local now = os.time()
|
||||
local notif = {
|
||||
alert_tstamp = now,
|
||||
alert_entity = alert_consts.alert_entities.test.entity_id,
|
||||
}
|
||||
|
||||
local message_info = i18n("prefs.syslog_sent_successfully")
|
||||
return success, message_info
|
||||
local success = syslog.sendMessage(settings, notif, "info", recipient.endpoint_conf.syslog_alert_format)
|
||||
|
||||
local message_info = i18n("prefs.syslog_sent_successfully")
|
||||
return success, message_info
|
||||
end
|
||||
|
||||
|
||||
-- ##############################################
|
||||
|
||||
return syslog
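Review bot: On the remote path of `syslog.sendMessage` the results of `ntop.send_tcp_data` and `ntop.send_udp_data` are discarded and the function still ends in `return true`, so `syslog.runTest` reports `prefs.syslog_sent_successfully` even when nothing reached the collector, and the `1` msec TCP timeout makes that likely for any server that is not on the local segment. Silent loss of alerts is a detection gap; capture the send result (assuming these calls return a status, which this page does not show), return it, and log the failure. In `readSettings`, a port left empty in the form would probably arrive as `""`, skip the `== nil` branch and become nil through `tonumber`; `settings.port = tonumber(settings.port) or 514` covers that. The remote priority is also hard-coded (`level = 1`, giving `<113>`) while the computed `syslog_severity` is used only for the local `ntop.syslog` call, so a collector cannot triage by severity, as the inline comment already hints.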
|
||||
|
|
|
|||
|
|
@ -0,0 +1,29 @@
|
|||
--
|
||||
-- (C) 2019-20 - ntop.org
|
||||
--
|
||||
--
|
||||
|
||||
-- Place here the checks for parameters used by this plugins
|
||||
-- In essence it extends (and references) checks present in
|
||||
-- scripts/lua/modules/http_lint.lua
|
||||
--
|
||||
|
||||
local script = {}
|
||||
|
||||
-- ##############################################
|
||||
|
||||
-- @brief Called by the main http_lint module to load additional parameters.
|
||||
-- @params http_lint a reference to the scripts/lua/modules/http_lint.lua module
|
||||
-- @return a (possibly empty) table with parameter_name -> validator mappings
|
||||
function script.getAdditionalParameters(http_lint)
|
||||
return {
|
||||
["syslog_alert_format"] = http_lint.validateEmptyOr(http_lint.validateSyslogFormat),
|
||||
["syslog_protocol"] = http_lint.validateEmptyOr(http_lint.validateChoiceInline({"tcp", "udp", ""})),
|
||||
["syslog_host"] = http_lint.validateEmptyOr(http_lint.validateHost),
|
||||
["syslog_port"] = http_lint.validateEmptyOr(http_lint.validatePort),
|
||||
}
|
||||
end
|
||||
|
||||
-- ##############################################
|
||||
|
||||
return(script)
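Review bot: The `""` entry in `validateChoiceInline({"tcp", "udp", ""})` looks redundant, since the surrounding `http_lint.validateEmptyOr` appears to accept the empty value already; `http_lint.validateChoiceInline({"tcp", "udp"})` states the allowed set more plainly. These validators are the only server-side check visible on this page for `syslog_host` and `syslog_port`, which decide where ntopng sends alert data, so a short comment saying so would help, e.g. `-- syslog_host/syslog_port select the remote destination for alerts; keep them validated server-side`.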
|
||||
|
|
@ -0,0 +1,17 @@
|
|||
--
|
||||
-- (C) 2020 - ntop.org
|
||||
--
|
||||
|
||||
return {
|
||||
alert_format = "Format",
|
||||
content = "Content",
|
||||
description = "Host, Port and Protocol should be specified for remote syslog servers only.",
|
||||
host = "Host",
|
||||
port = "Port",
|
||||
protocol = "Protocol",
|
||||
text = "Text",
|
||||
validation = {
|
||||
invalid_host = "Invalid Syslog host.",
|
||||
invalid_port = "Invalid Syslog port.",
|
||||
},
|
||||
}
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
<div class="form-group row">
|
||||
<label class="col-form-label col-sm-3">
|
||||
<b>{{ i18n("syslog_alert_endpoint.syslog_alert_format") }}</b>
|
||||
<b>{{ i18n("syslog_alert_endpoint.alert_format") }}</b>
|
||||
</label>
|
||||
<div class="col-sm-5">
|
||||
<select name="syslog_alert_format" class="form-control" required>
|
||||
|
|
@ -9,3 +9,42 @@
|
|||
</select>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label class="col-form-label col-sm-3">
|
||||
{{ i18n("syslog_alert_endpoint.host") }}
|
||||
</label>
|
||||
<div class="col-sm-5">
|
||||
<input
|
||||
data-validation-message="{{ i18n('syslog_alert_endpoint.validation.invalid_host') }}"
|
||||
data-pattern="host" name="syslog_host" type="text" class="form-control" />
|
||||
<small class="text-muted">{{ i18n("optional_field") }}</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label class="col-form-label col-sm-3">
|
||||
{{ i18n("syslog_alert_endpoint.port") }}
|
||||
</label>
|
||||
<div class="col-sm-5">
|
||||
<input
|
||||
data-validation-message="{{ i18n('syslog_alert_endpoint.validation.invalid_port') }}"
|
||||
data-pattern="port" name="syslog_port" value="514" type="text" class="form-control" />
|
||||
<small class="text-muted">{{ i18n("optional_field") }}</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group row">
|
||||
<label class="col-form-label col-sm-3">
|
||||
<b>{{ i18n("syslog_alert_endpoint.protocol") }}</b>
|
||||
</label>
|
||||
<div class="col-sm-5">
|
||||
<select name="syslog_protocol" class="form-control">
|
||||
<option value="udp">UDP</option>
|
||||
<option value="tcp">TCP</option>
|
||||
</select>
|
||||
<small class="text-muted">{{ i18n("optional_field") }}</small>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<small>{* i18n('syslog_alert_endpoint.description') *}</small>
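Review bot: The last added line prints the description with `{* ... *}`, which (assuming lua-resty-template syntax) emits the value without HTML escaping, while every other string in this template goes through the escaping `{{ ... }}` form. The English text added in this commit is plain, so nothing breaks today, but a locale string is not something to treat as trusted markup; `<small>{{ i18n('syslog_alert_endpoint.description') }}</small>` keeps the output escaped unless markup in the description is really intended. The `data-pattern` checks on the host and port inputs run only in the browser, so the server-side validators remain the authoritative check.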
|
||||
|
|
|
|||