Skip to content

Ships new systemd journal entries to a remote destination in Graylog Extended Log Format (GELF)

License

Notifications You must be signed in to change notification settings

urbanpt/journal2gelf

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

journal2gelf

Export structured log records from the systemd journal and send them to a Graylog2 server as GELF messages.

Tested on Python 2.7 and Fedora 17 (systemd-44-17) and Fedora 19 (systemd-204).

journalctl output format change

Starting with systemd-190 journalctl switched to an easier to parse single-line JSON format. This is now the default expected format as of journal2gelf v0.0.3.

For versions of systemd < 190, you must add the -m switch.

Run journalctl --version to get the systemd version.

Dependencies:

  • graypy

Install

On Fedora 17+ (or other systems with a version of systemd that includes journal support):

sudo yum install git python-pip
pip-python install git+http://github.com/systemd/journal2gelf.git#egg=journal2gelf

Running as a service

Copy and edit the included examples/journal2gelf.service to /etc/systemd/system.

Usage:

By default, journal2gelf will look for input on stdin. eg:

  • Send all logs and exit:

    journalctl -o json | journal2gelf

The -t flag can be specified and journal2gelf will automatically start journalctl in tail mode. This makes it easier to run as a systemd service.

journal2gelf -t

This is equivalent to running:

journalctl -o json -f | journal2gelf

Graylog2 server and port can be specified with -s and -p flags.

License

Copyright 2012 Joe Miller https://github.com/joemiller

Released under the MIT license, see LICENSE for details.

About

Ships new systemd journal entries to a remote destination in Graylog Extended Log Format (GELF)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%