diff --git a/Makefile.am b/Makefile.am
index 08e23e9..49111ba 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -24,6 +24,5 @@ DISTCLEANFILES = \
 .y.c:
 include modules/Makefile.am
-include scl/Makefile.am
 include tools/Makefile.am
 include $(syslog_ng_tools)/lex-rules.am
diff --git a/scl/Makefile.am b/scl/Makefile.am
deleted file mode 100644
index 74ccd6f..0000000
--- a/scl/Makefile.am
+++ /dev/null
@@ -1 +0,0 @@
-include scl/elasticsearch/Makefile.am
diff --git a/scl/elasticsearch/Makefile.am b/scl/elasticsearch/Makefile.am
deleted file mode 100644
index 7ba46b7..0000000
--- a/scl/elasticsearch/Makefile.am
+++ /dev/null
@@ -1,7 +0,0 @@
-esdir = ${scldir}/elasticsearch
-
-es_DATA = scl/elasticsearch/plugin.conf
-es_SCRIPTS = scl/elasticsearch/es-bridge
-
-EXTRA_DIST += scl/elasticsearch/elastic-example.conf \
- ${es_SCRIPTS} ${es_DATA}
diff --git a/scl/elasticsearch/elastic-example.conf b/scl/elasticsearch/elastic-example.conf
deleted file mode 100644
index ffb35e1..0000000
--- a/scl/elasticsearch/elastic-example.conf
+++ /dev/null
@@ -1,21 +0,0 @@
-@version: 3.5
-@include "scl.conf"
-@include "scl/elasticsearch/plugin.conf"
-
-source s_all {
- internal();
- system();
-};
-
-destination d_elastic {
- elasticsearch(
- host("elastic.local")
- index("syslog-ng")
- );
-};
-
-log {
- source(s_all);
- destination(d_elastic);
- flags(flow-control);
-};
diff --git a/scl/elasticsearch/es-bridge b/scl/elasticsearch/es-bridge
deleted file mode 100755
index 4e2fbf7..0000000
--- a/scl/elasticsearch/es-bridge
+++ /dev/null
@@ -1,31 +0,0 @@
-#! /usr/bin/python
-## es-bridge -- A syslog-ng -> Elasticsearch bridge
-##
-## Copyright (c) 2014 BalaBit IT Ltd, Budapest, Hungary
-## Copyright (c) 2014 Gergely Nagy
-##
-## This program is free software; you can redistribute it and/or modify it
-## under the terms of the GNU General Public License version 2 as published
-## by the Free Software Foundation, or (at your option) any later version.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-##
-## As an additional exemption you are allowed to compile & link against the
-## OpenSSL libraries as published by the OpenSSL project. See the file
-## COPYING for details.
-
-import sys, requests
-
-session = requests.Session()
-es_uri = "http://{0}:{1}/{2}/{3}/".format(*sys.argv[1:])
-
-while True:
- l = sys.stdin.readline()
- resp = session.post(es_uri, l)
diff --git a/scl/elasticsearch/plugin.conf b/scl/elasticsearch/plugin.conf
deleted file mode 100644
index 9c7580e..0000000
--- a/scl/elasticsearch/plugin.conf
+++ /dev/null
@@ -1,30 +0,0 @@
-## scl/elasticsearch/plugin.conf -- Elasticsearch destination for syslog-ng
-##
-## Copyright (c) 2014 BalaBit IT Ltd, Budapest, Hungary
-## Copyright (c) 2014 Gergely Nagy
-##
-## This program is free software; you can redistribute it and/or modify it
-## under the terms of the GNU General Public License version 2 as published
-## by the Free Software Foundation, or (at your option) any later version.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-##
-## As an additional exemption you are allowed to compile & link against the
-## OpenSSL libraries as published by the OpenSSL project. See the file
-## COPYING for details.
-
-block destination elasticsearch(
- host("localhost") port(9200)
- index("syslog-ng") type("message")
- body("$(format-json --scope rfc5424 --pair @timestamp=\"${R_ISODATE}\" --pair @message=\"${MSG}\" --exclude DATE --exclude MESSAGE)")) {
- program("`scl-root`/elasticsearch/es-bridge `host` `port` `index` `type`"
- template("`body`\n")
- );
-};