mirror of
https://github.com/evilsocket/opensnitch.git
synced 2025-03-04 08:34:40 +01:00
- Added new generic remote logger to send events to remote servers.
- Added new formats RFC3164 and JSON.

Configuration example to send events to logstash using the tcp input plugin, in json format:

    "Loggers": [
        {
            "Name": "remote",
            "Server": "127.0.0.1:3333",
            "Protocol": "tcp",
            "Workers": 5,
            "Format": "json",
            "Tag": "opensnitch"
        }
    ]

logstash configuration, saving events under document.*:

    input {
        tcp {
            port => 3333
            codec => json_lines { target => "[document]" }
        }
    }

You can also use the syslog input plugin:

    "Loggers": [
        {
            "Name": "remote",
            "Server": "127.0.0.1:5140",
            "Protocol": "tcp",
            "Workers": 5,
            "Format": "rfc3164",
            "Tag": "opensnitch"
        }
    ]

logstash's syslog input plugin configuration:

    input {
        syslog {
            port => 5140
        }
    }

Note: you'll need a grok filter to parse and extract the fields.

See: #947
||
---|---|---|
.. | ||
formats | ||
loggers | ||
log.go |