Syslog sink over http for logstash (or any json source) (#14424)

* inital commit of a new syslog sink over http * cosmetics * cosmetics fix... * cosmetic fix again * cosmetics fix again * its nice now... * add non blocking option * Syslog Sink integrated as API PUT method * lint fix * Update includes/html/api_functions.inc.php Co-authored-by: Tony Murray <murraytony@gmail.com> * Update includes/html/api_functions.inc.php Co-authored-by: Tony Murray <murraytony@gmail.com> * Update includes/html/api_functions.inc.php Co-authored-by: Tony Murray <murraytony@gmail.com> * change to POST, fix decoding issue and json exception * logstash/json documentation added. syslog documentation a bit re-structured * lint fix --------- Co-authored-by: Tony Murray <murraytony@gmail.com>
2024-10-07 16:52:45 +00:00 · 2023-03-15 14:14:38 +01:00
parent 1173cf3161
commit 82bd437e47
5 changed files with 157 additions and 33 deletions
--- a/doc/API/Logs.md
+++ b/doc/API/Logs.md
@@ -75,3 +75,34 @@ Output:
    ]
 }
 ```
+
+### `syslogsink`
+
+Route: `/api/v0/logs/syslogsink`
+
+Accept any json messages and passes to further syslog processing. single messages or an array of multiple messages is accepted. see [Syslog](../Extensions/Syslog.md) for more details and logstash integration
+
+
+Example
+```
+curl -L -X POST 'https://sink.librenms.org/api/v0/syslogsink/' -H 'X-Auth-Token: xxxxxxxLibreNMSApiToken' --data-raw '[   
+    {
+        "msg": "kernel: minimum Message",
+        "host": "mydevice.fqdn.com"
+    },
+    {
+        "msg": "Line protocol on Interface GigabitEthernet1/0/41, changed state to up",
+        "facility": 23,
+        "priority": "189",
+        "program": "LINEPROTO-5-UPDOWN",
+        "host": "172.29.10.24",
+        "@timestamp": "2022-12-01T20:14:28.257Z",
+        "severity": 5,
+        "level": "ERROR"
+    },
+    {
+        "msg": "kernel: a unknown host",
+        "host": "unknown.fqdn.com"
+    }
+]'
+```