需要通过rsyslog omprog将收到的随机UDP消息解析为python文件 [英] Random UDP message received needs to be parsed to python file through rsyslog omprog

问题描述

我正在设置一个Python脚本，该脚本将解析通过UDP从另一台服务器接收的输入.由于可以随机接收消息或消息数，因此我尝试使用rsyslog omprog来解析输入.但是，我无法使用UDP读取消息，也无法使用omprog

I'm setting up a python script that will parse the inputs received via UDP from another server. Since the message or number of messages can be received randomly, I'm trying to rsyslog omprog to parse the inputs. However, I'm unable to read the message on UDP and unable to send the input received as parameter to python using omprog

从特定服务器接收syslog消息将存储在/var/log/pcrf_notification.log中，因此，我将rsyslog.conf配置如下:

Receiving syslog message from particular server will be stored in /var/log/pcrf_notification.log Therefore, I configured the rsyslog.conf like below:

         [root@PORSG1NT101A]# vi /etc/rsyslog.conf
         $ModLoad imudp
         $UDPServerRun 514

         $template RemoteLogs,"/var/log/%HOSTNAME%/pcrf_notification.log"
         *.* ?RemoteLogs

带有pcrf_notification.log的内容将是:

The content withing the pcrf_notification.log will be:

 Mar 15 16:27:30 PORPF0MP1 Policy Syslog: 5540149665,123,5000001,2019-03-15T16:27:30.290

 Mar 15 16:27:52 PORPF0MP1 Policy Syslog: 5540149665,123,5000001,2019-03-15T16:27:52.895

现在，我需要在接收到python脚本时发送每一行.这是我的失败.

Now i need to send each line when received to a python script. This is I'm failing at.

例如，我需要发送

 "Mar 15 16:27:52 PORPF0MP1 Policy Syslog: 5540149665,123,5000001,2019-03-15T16:27:52.895" 

到python脚本.

我在rsyslog.d文件夹中创建了pcrf_scripting.conf文件

I created a pcrf_scripting.conf file in rsyslog.d folder

 [root@PORSG1NT101A rsyslog.d]# vi /etc/rsyslog.d/pcrf_scripting.conf
                   $ModLoad omprog
                  :inputname, isequal, "imudp" action(type="omprog"
                   binary="/tmp/hello.py --param1 a --param2 b"
                   template="RSYSLOG_TraditionalFileFormat")

我需要用每行替换--param1 a --param2 b.

I need to replace --param1 a --param2 b with each line.

推荐答案

这个最小的示例对我有用(rsyslogd版本8.30.0).在/etc/rsyslog.conf中，我们有

This minimal example worked for me (rsyslogd version 8.30.0). In /etc/rsyslog.conf we have

$ModLoad imudp # UDP listener
$UDPServerRun 514
$ModLoad omprog
:inputname, isequal, "imudp"  action(type="omprog"
  binary="/tmp/prog.py" template="RSYSLOG_TraditionalFileFormat")

在/tmp/prog.py中，我们有

#!/usr/bin/python3
import sys
with open("/tmp/output","w",encoding='utf8',errors='ignore') as fd:
    for data in sys.stdin:
        print("got data: %s" % data[:-1], file=fd, flush=True)

当udp数据包到达时，它将被传递到python程序，该程序会将其打印到文件/tmp/output中.确保chmod a+rx /tmp/prog.py.

When a udp packet arrives it is passed through to the python program which prints it to file /tmp/output. Make sure to chmod a+rx /tmp/prog.py.

这篇关于需要通过rsyslog omprog将收到的随机UDP消息解析为python文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！