Skip to content

Export entries from systemds' journal and send them to a graylog server using gelf

License

Notifications You must be signed in to change notification settings

parse-nl/SystemdJournal2Gelf

Repository files navigation

SystemdJournal2Gelf

Export entries from systemd's journal and send them to a Graylog server using gelf. This script is written in Google go to make it easier to compile and distribute to your machines.

Dependencies:

Install / Compile

Compile this package by checking out the repo and run:

go get github.com/parse-nl/SystemdJournal2Gelf

The binary will be compiled in $GOPATH/bin/SystemdJournal2Gelf

Or install the package for:

Running as a service

Copy the included SystemdJournal2Gelf.service to /etc/systemd/system.

Usage:

SystemdJournal2Gelf will connect to the server you specify as first argument and passes all other arguments to journalctl. It prepends these arguments with --output=json

  • Export only the kernel messages
SystemdJournal2Gelf localhost:11201 _TRANSPORT=kernel
  • Perform initial import, reading entire journal
SystemdJournal2Gelf localhost:11201 --merge
  • Monitor the journal
SystemdJournal2Gelf localhost:11201 --follow

Logging additional properties:

Letting this script decode json encoded properties in Messages has been removed, please see this issue that explains how to configure graylog to do that instead

License

Copyright (c) 2016-2021, Parse Software Development B.V.

Released under the Simplified BSD license, see LICENSE for details.

About

Export entries from systemds' journal and send them to a graylog server using gelf

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages