-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsyslog-input.go
More file actions
186 lines (165 loc) · 5.36 KB
/
Copy pathsyslog-input.go
File metadata and controls
186 lines (165 loc) · 5.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
package main
import (
"context"
"crypto/tls"
"crypto/x509"
"os"
"gopkg.in/mcuadros/go-syslog.v2"
"github.com/redpanda-data/benthos/v4/public/service"
// Import other required Benthos components here, for example...
_ "github.com/redpanda-data/connect/v4/public/components/crypto"
_ "github.com/redpanda-data/connect/v4/public/components/io"
//_ "github.com/redpanda-data/connect/v4/public/components/pure"
//_ "github.com/redpanda-data/connect/v4/public/components/elasticsearch"
)
// struct of the input configuration fields
type SyslogSvrInput struct {
bind string // address and port to use for the listener
rfc string // the rfc to use: RFC3164, RFC5424, RFC6587 or Automatic
protocol string // udp or tcp
svrCert string // Server CA-signed certificate
privKey string // The server svc private key
caCert string // CA root cert for authenticating client cert auth
useTLS bool // Whether to use TLS encryption
cliAuth bool // Whether to enforce client certificate auth
sls *syslog.Server
slschan *syslog.LogPartsChannel
}
//------------------------------------------------------------------------------
// Syslog server Input interface methods
//------------------------------------------------------------------------------
func (s *SyslogSvrInput) Connect(ctx context.Context) error {
channel := make(syslog.LogPartsChannel)
s.slschan = &channel
handler := syslog.NewChannelHandler(channel)
server := syslog.NewServer()
switch s.rfc {
case "Automatic":
server.SetFormat(syslog.Automatic)
case "RFC3164":
server.SetFormat(syslog.RFC3164)
case "RFC5424":
server.SetFormat(syslog.RFC5424)
case "RFC6587":
server.SetFormat(syslog.RFC6587)
default:
server.SetFormat(syslog.Automatic)
}
server.SetHandler(handler)
if s.protocol == "UDP" {
server.ListenUDP(s.bind)
} else if s.protocol == "TCP" && !s.useTLS {
server.ListenTCP(s.bind)
} else if s.protocol == "TCP" && s.useTLS {
// Use TLS
// Create the TLS Config for the service
tlsConfig := &tls.Config{}
// If Client Cert Auth enabled, configure tls.Config to enforce and provide CA cert
if s.cliAuth {
caCert, err := os.ReadFile(s.caCert)
if err != nil {
return err
}
caCertPool := x509.NewCertPool()
caCertPool.AppendCertsFromPEM(caCert)
tlsConfig.ClientCAs = caCertPool
tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert
}
keycert, err := tls.LoadX509KeyPair(s.svrCert, s.privKey)
if err != nil {
return err
}
tlsConfig.Certificates = append(tlsConfig.Certificates, keycert)
server.ListenTCPTLS(s.bind, tlsConfig)
}
server.Boot()
s.sls = server
return nil
}
func (s *SyslogSvrInput) Read(ctx context.Context) (*service.Message, service.AckFunc, error) {
select {
case slsmsg := <-*s.slschan: // read a message from the channel
msg := service.NewMessage(nil)
msg.SetStructured(slsmsg)
return msg, func(ctx context.Context, err error) error {
return nil
}, nil
case <-ctx.Done():
return nil, nil, ctx.Err()
}
}
func (s *SyslogSvrInput) Close(ctx context.Context) error {
s.sls.Kill()
return nil
}
//------------------------------------------------------------------------------
func main() {
// SyslogServer Input Config Spec
slsConfigSpec := service.NewConfigSpec().
Summary("Creates a Syslog Server listener").
Field(service.NewStringField("bind").
Default("0.0.0.0:514").
Description("The Listening IP address and port.")).
Field(service.NewStringField("rfc").
Default("Automatic").
Description("The rfc format for the server: RFC3164, RFC5424, RFC6587 or Automatic")).
Field(service.NewStringField("protocol").
Default("UDP").
Description("The server protocol - UDP or TCP")).
Field(service.NewStringField("svrCert").
Description("The signed cert for the TLS-enabled server service")).
Field(service.NewStringField("privKey").
Description("The private key for the TLS-enabled server service")).
Field(service.NewStringField("caCert").
Description("The CA Public certificate for client connections").Optional()).
Field(service.NewBoolField("useTLS").
Default(false).
Description("Enforce TLS encryption")).
Field(service.NewBoolField("cliAuth").
Default(false).
Description("Enforce Client certificate auth."))
// Syslog Server Input constructor
slsConstructor := func(conf *service.ParsedConfig, mgr *service.Resources) (service.Input, error) {
bind, err := conf.FieldString("bind")
if err != nil {
return nil, err
}
rfc, err := conf.FieldString("rfc")
if err != nil {
return nil, err
}
protocol, err := conf.FieldString("protocol")
if err != nil {
return nil, err
}
svrCert, err := conf.FieldString("svrCert")
if err != nil {
return nil, err
}
privKey, err := conf.FieldString("privKey")
if err != nil {
return nil, err
}
caCert, err := conf.FieldString("caCert")
if err != nil {
return nil, err
}
useTLS, err := conf.FieldBool("useTLS")
if err != nil {
return nil, err
}
cliAuth, err := conf.FieldBool("cliAuth")
if err != nil {
return nil, err
}
var sls syslog.Server
var slschan syslog.LogPartsChannel
return service.AutoRetryNacks(&SyslogSvrInput{bind, rfc, protocol, svrCert, privKey, caCert, useTLS, cliAuth, &sls, &slschan}), nil
}
// Register Lumberjack Input
err := service.RegisterInput("sysloginput", slsConfigSpec, slsConstructor)
if err != nil {
panic(err)
}
service.RunCLI(context.Background())
}