rsyslog.conf
module(load="omprog")
action(
type="omprog"
binary="/usr/local/bin/process_logs.py"
template="RSYSLOG_TraditionalFileFormat"
confirmMessages="off"
output="/var/log/process_logs_output.log"
)
/usr/local/bin/process_logs.py
#!/usr/bin/env python3
import sys
def process_log(log_line):
return log_line.strip() + " processed"
def main():
for line in sys.stdin:
processed_line = process_log(line)
print(processed_line)
sys.stdout.flush()
if name == "main":
main()
OR
rsyslog.conf
50-default.conf
# Загружаем необходимые модули
module(load="imuxsock") # для приема сообщений от локальных программ через /dev/log
module(load="omprog")
# Настройка действия для использования внешнего скрипта
if $msg contains 'processed' then {
action(
type="omfile"
file="/var/log/process_logs_output2.log"
template="RSYSLOG_TraditionalFileFormat"
)
} else {
action(
type="omprog"
binary="/usr/local/bin/process_logs.py"
template="RSYSLOG_TraditionalFileFormat"
confirmMessages="off"
output="/var/log/process_logs_output.log"
)
}
process_logs.py
#!/usr/bin/env python3
import sys
import logging
import logging.handlers
def setup_logger():
logger = logging.getLogger('ProcessedLogger')
logger.setLevel(logging.INFO)
handler = logging.handlers.SysLogHandler(address='/dev/log')
formatter = logging.Formatter('%(message)s tag=processed')
handler.setFormatter(formatter)
logger.addHandler(handler)
return logger
def process_log(log_line, logger):
if 'processed' not in log_line:
processed_line = log_line.strip() + " PIPISKA"
logger.info(processed_line)
def main():
logger = setup_logger()
for line in sys.stdin:
process_log(line, logger)
if name == "main":
main()