Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var PriorityConversionMap = map[string]string{
"0": "emergency",
"1": "alert",
"2": "critical",
"3": "error",
"4": "warning",
"5": "notice",
"6": "informational",
"7": "debug",
}
PriorityConversionMap is a map containing the textual equivalence of a given priority string number
View Source
var SyslogFacilityString = map[string]string{
"0": "kernel",
"1": "user",
"2": "mail",
"3": "daemon",
"4": "auth",
"5": "syslog",
"6": "line printer",
"7": "network news",
"8": "uucp",
"9": "clock daemon",
"10": "security/auth",
"11": "ftp",
"12": "ntp",
"13": "log audit",
"14": "log alert",
"15": "clock daemon",
"16": "local0",
"17": "local1",
"18": "local2",
"19": "local3",
"20": "local4",
"21": "local5",
"22": "local6",
"23": "local7",
}
SyslogFacilityString is a map containing the textual equivalence of a given facility number
Functions ¶
func MapStrFromJournalEntry ¶
func MapStrFromJournalEntry(ev *sdjournal.JournalEntry, cleanKeys bool, convertToNumbers bool, MoveMetadataLocation string, ParsePriority bool, ParseFacility bool) common.MapStr
MapStrFromJournalEntry takes a JournalD entry and converts it to an event that is more compatible with the Elasitc products. It will perform the following additional steps to an event:
- lowercase all fields (seriously, who wants to type caps all day?!?)
- remove underscores from the beginning of fields as they are reserved in ElasticSearch for metadata information
- fields that can be converted to numbers, will be converted to numbers
Types ¶
type Journalbeat ¶
type Journalbeat struct {
// contains filtered or unexported fields
}
Journalbeat is the main Journalbeat struct
Source Files
Click to show internal directories.
Click to hide internal directories.