Rainer Gerhards, profile picture
Uploaded byRainer Gerhards
20,142 views

Writing rsyslog Plugins in 2 Minutes

Need to connect rsyslog to some destination for which no plugin yet exists? Do you know a little bit of scripting or programming? Than this presentation is for you. It's fast-path to writing rsyslog plugins very, very quickly.

Embed presentation

Writing external output plugins for RSysLog IN 2 MINUTES Rainer Gerhards
Write the plugin itself • Choose any language you like • Implement the pseudocode below ▫ ▫ ▫ ▫ Messages arrive via stdin, one message per line Read from stdin until EOF Process each message read as you like Terminate when EOF is reached • That's it! While not EOF(stdin) do {     Read msg from stdin     Process msg } Rainer Gerhards, http://blog.gerhards.net
Make RsysLog call plugin • Regular filtering applies (as with any action) • You can specify message format via a template • Use omprog for the call module(load=”omprog) # needed only once in config! if $rawmsg contains “sometrigger” then    action(type=”omprog”           binary=”/path/to/your/plugin”) Rainer Gerhards, http://blog.gerhards.net
Optional: debugging your plugin • If something doesn't work, it's best to debug outside of rsyslog • Do this as you usually debug your programs in that language • For example, do $ echo “testmessage” | /path/to/your/plugin • Questions about the plugin interface or plugin integration? Visit http://kb.monitorware.com/external-plugins-f53.html Rainer Gerhards, http://blog.gerhards.net
Want to know more details? • There is an additional presentation available at http://www.slideshare.net/rainergerhards1/external-plugins • The complete interface specification can be found right inside the source repository: https://github.com/rsyslog/rsyslog/blob/master/plugins/external/INTERFACE.md • Check out the copy-templates ▫ Available for an increasing number of languages ▫ More advanced interface handling ▫ Ready to be copied ▫ https://github.com/rsyslog/rsyslog/tree/master/plugins/external Rainer Gerhards, http://blog.gerhards.net
Want to know more details? • There is an additional presentation available at http://www.slideshare.net/rainergerhards1/external-plugins • The complete interface specification can be found right inside the source repository: https://github.com/rsyslog/rsyslog/blob/master/plugins/external/INTERFACE.md • Check out the copy-templates ▫ Available for an increasing number of languages ▫ More advanced interface handling ▫ Ready to be copied ▫ https://github.com/rsyslog/rsyslog/tree/master/plugins/external Rainer Gerhards, http://blog.gerhards.net

More Related Content

ODP
Writing External Rsyslog Plugins
byRainer Gerhards
 
PDF
Sicherheit im Internet - Wie kann man sich schützen?
byRainer Gerhards
 
ODP
rsyslog meets docker
byRainer Gerhards
 
PPTX
Rsyslog version naming (v8.6.0+)
byRainer Gerhards
 
PPTX
Using Wildcards with rsyslog's File Monitor imfile
byRainer Gerhards
 
ODP
RSYSLOG v8 improvements and how to write plugins in any language.
byRainer Gerhards
 
ODP
Fedora Developer's Conference 2014 Talk
byRainer Gerhards
 
ODP
The rsyslog v8 engine (developer's view)
byRainer Gerhards
 
Writing External Rsyslog Plugins
byRainer Gerhards
 
Sicherheit im Internet - Wie kann man sich schützen?
byRainer Gerhards
 
rsyslog meets docker
byRainer Gerhards
 
Rsyslog version naming (v8.6.0+)
byRainer Gerhards
 
Using Wildcards with rsyslog's File Monitor imfile
byRainer Gerhards
 
RSYSLOG v8 improvements and how to write plugins in any language.
byRainer Gerhards
 
Fedora Developer's Conference 2014 Talk
byRainer Gerhards
 
The rsyslog v8 engine (developer's view)
byRainer Gerhards
 

More from Rainer Gerhards

PPT
Wetterbeobachtung - Ein Vortrag für die Grundschule
byRainer Gerhards
 
ODP
Rsyslog vs Systemd Journal Presentation
byRainer Gerhards
 
PDF
Rsyslog vs Systemd Journal (Paper)
byRainer Gerhards
 
PDF
CEE Log Integrity and the "Counterpane Paper"
byRainer Gerhards
 
SXW
State of syslog (2005)
byRainer Gerhards
 
PDF
Status of syslog as of 2005
byRainer Gerhards
 
PPT
LogFile Auswertung (log analysis)
byRainer Gerhards
 
ODP
Rsyslog log normalization
byRainer Gerhards
 
Wetterbeobachtung - Ein Vortrag für die Grundschule
byRainer Gerhards
 
Rsyslog vs Systemd Journal Presentation
byRainer Gerhards
 
Rsyslog vs Systemd Journal (Paper)
byRainer Gerhards
 
CEE Log Integrity and the "Counterpane Paper"
byRainer Gerhards
 
State of syslog (2005)
byRainer Gerhards
 
Status of syslog as of 2005
byRainer Gerhards
 
LogFile Auswertung (log analysis)
byRainer Gerhards
 
Rsyslog log normalization
byRainer Gerhards
 

Recently uploaded

PDF
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
PDF
CompTIA Cybersecurity Analyst (CySA+) CS0-003: Unit 5
byVICTOR MAESTRE RAMIREZ
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
PDF
What Is a Private LLM and Why Enterprises Need It
byAivada
 
PPTX
Technology Consulting _ by Slidesgo.pptx
byfh82277
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
How to Evaluate a High Performance Database
byScyllaDB
 
PPTX
How to make Ai agents using Google Gemini AI.pptx
bypkluffy111
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PPTX
Gemini vs ChatGPT : Comparing Top AI Models
byDigicarrom
 
PDF
WHITE PAPER_ Ransomware Payment Policy and Resilience Strategy_ A Framework f...
byssuser0d171c
 
PPTX
Why Most GenAI Projects Fail to Scale and How to Become One of the Success St...
byEarley Information Science
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PPTX
Session 2 - Solving Unstructured & Complex Documents with UiPath IXP
byDianaGray10
 
PPTX
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
PPTX
Top _HR Technology Trends _for 2026_.pptx
byAutomationEdge Technologies
 
10 Things AI-First Apps Do Differently by iProgrammer Solutions
byiProgrammer Solutions Private Limited
 
CompTIA Cybersecurity Analyst (CySA+) CS0-003: Unit 5
byVICTOR MAESTRE RAMIREZ
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
What Is a Private LLM and Why Enterprises Need It
byAivada
 
Technology Consulting _ by Slidesgo.pptx
byfh82277
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
How to Evaluate a High Performance Database
byScyllaDB
 
How to make Ai agents using Google Gemini AI.pptx
bypkluffy111
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Gemini vs ChatGPT : Comparing Top AI Models
byDigicarrom
 
WHITE PAPER_ Ransomware Payment Policy and Resilience Strategy_ A Framework f...
byssuser0d171c
 
Why Most GenAI Projects Fail to Scale and How to Become One of the Success St...
byEarley Information Science
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Session 2 - Solving Unstructured & Complex Documents with UiPath IXP
byDianaGray10
 
wob-report.pptxwob-report.pptxwob-report.pptx
byssuser0d171c
 
Top _HR Technology Trends _for 2026_.pptx
byAutomationEdge Technologies
 

Writing rsyslog Plugins in 2 Minutes

  • 1.
    Writing external outputplugins for RSysLog IN 2 MINUTES Rainer Gerhards
  • 2.
    Write the pluginitself • Choose any language you like • Implement the pseudocode below ▫ ▫ ▫ ▫ Messages arrive via stdin, one message per line Read from stdin until EOF Process each message read as you like Terminate when EOF is reached • That's it! While not EOF(stdin) do {     Read msg from stdin     Process msg } Rainer Gerhards, http://blog.gerhards.net
  • 3.
    Make RsysLog callplugin • Regular filtering applies (as with any action) • You can specify message format via a template • Use omprog for the call module(load=”omprog) # needed only once in config! if $rawmsg contains “sometrigger” then    action(type=”omprog”           binary=”/path/to/your/plugin”) Rainer Gerhards, http://blog.gerhards.net
  • 4.
    Optional: debugging yourplugin • If something doesn't work, it's best to debug outside of rsyslog • Do this as you usually debug your programs in that language • For example, do $ echo “testmessage” | /path/to/your/plugin • Questions about the plugin interface or plugin integration? Visit http://kb.monitorware.com/external-plugins-f53.html Rainer Gerhards, http://blog.gerhards.net
  • 5.
    Want to knowmore details? • There is an additional presentation available at http://www.slideshare.net/rainergerhards1/external-plugins • The complete interface specification can be found right inside the source repository: https://github.com/rsyslog/rsyslog/blob/master/plugins/external/INTERFACE.md • Check out the copy-templates ▫ Available for an increasing number of languages ▫ More advanced interface handling ▫ Ready to be copied ▫ https://github.com/rsyslog/rsyslog/tree/master/plugins/external Rainer Gerhards, http://blog.gerhards.net
  • 6.
    Want to knowmore details? • There is an additional presentation available at http://www.slideshare.net/rainergerhards1/external-plugins • The complete interface specification can be found right inside the source repository: https://github.com/rsyslog/rsyslog/blob/master/plugins/external/INTERFACE.md • Check out the copy-templates ▫ Available for an increasing number of languages ▫ More advanced interface handling ▫ Ready to be copied ▫ https://github.com/rsyslog/rsyslog/tree/master/plugins/external Rainer Gerhards, http://blog.gerhards.net