Visualize NAP logs in mock collector grafana #939

Open
wants to merge 28 commits into
base: v3
Changes from 2 commits
Commits
c5deb61
feat: add syslog receiver
RRashmit Nov 13, 2024
0162757
chore: update port to non privileged
RRashmit Nov 13, 2024
036aba9
chore: update the syslog type and template
RRashmit Nov 18, 2024
0e138e7
chore: update comments
RRashmit Nov 18, 2024
4f6db4a
chore: update the docker
RRashmit Nov 18, 2024
409242c
chore: updated the otel collector pipeline
RRashmit Nov 25, 2024
3fde54c
chore: update multiple syslog servers
RRashmit Nov 25, 2024
45bb8ee
Merge branch 'v3' into poc-v3-otel-syslog
dhurley Nov 27, 2024
7ddc9b8
Replace syslog receiver with tcplog receiver
dhurley Nov 28, 2024
1b7a359
Replace syslog receiver with tcplog receiver
dhurley Nov 28, 2024
6f0edde
Replace syslog receiver with tcplog receiver
dhurley Nov 28, 2024
5faae62
Replace syslog receiver with tcplog receiver
dhurley Nov 28, 2024
bbc3eb5
Replace syslog receiver with tcplog receiver
dhurley Nov 28, 2024
29e07a0
Merge branch 'v3' into poc-v3-otel-syslog
dhurley Dec 2, 2024
f3b0636
Visualize NAP logs in mock collector grafana
dhurley Dec 2, 2024
2597fd6
Visualize NAP logs in mock collector grafana
dhurley Dec 2, 2024
079d594
Visualize NAP logs in mock collector grafana
dhurley Dec 3, 2024
ddb02df
Remove key_value_parser operator
dhurley Dec 3, 2024
4f9f42a
Merge branch 'poc-v3-otel-syslog' into chore/add-nap-to-mock-collector
dhurley Dec 3, 2024
5d0f9b0
Update tcplog timestamp operator
dhurley Dec 4, 2024
653c907
Merge branch 'poc-v3-otel-syslog' into chore/add-nap-to-mock-collector
dhurley Dec 4, 2024
a65e3d3
Update NGINX plus dockerfile to always build with platform set to amd…
dhurley Dec 17, 2024
771a1cf
Update how long to wait for nginx master process to start in dockerfile
dhurley Dec 20, 2024
dc26a5d
Merge branch 'v3' into chore/add-nap-to-mock-collector
dhurley Dec 20, 2024
b8bd1b3
Fix OSARCH variable in Makefile
dhurley Dec 20, 2024
1593c26
Fix OSARCH variable in Makefile
dhurley Dec 20, 2024
29f338e
Update README
dhurley Jan 7, 2025
4413e5e
Fix makefile target
dhurley Jan 9, 2025
16 changes: 12 additions & 4 deletions internal/collector/otel_collector_plugin.go
Expand Up @@ -24,10 +24,18 @@ import (
)

const (
maxTimeToWaitForShutdown = 30 * time.Second
filePermission = 0o600
timestampConversionExpression = `EXPR(split(body, ">")[0] + ">" + ` +
`date(split(split(body, ">")[1], " ")[0]).Format("Jan 02 15:04:05") + " " + split(body, " ", 2)[1])`
maxTimeToWaitForShutdown = 30 * time.Second
filePermission = 0o600
// To conform to the rfc3164 spec the timestamp in the logs need to be formatted correctly.
// Here are some examples of what the timestamp conversions look like.
// Notice how if the day begins with a zero that the zero is replaced with an empty space.

// 2024-11-06T17:19:24+00:00 ---> Nov 6 17:19:24
// 2024-11-16T17:19:24+00:00 ---> Nov 16 17:19:24
timestampConversionExpression = `'EXPR(let timestamp = split(split(body, ">")[1], " ")[0]; ` +
`let newTimestamp = timestamp matches "(\\d{4})-(\\d{2})-(0\\d{1})T(\\d{2}):(\\d{2}):(\\d{2}).*" ` +
`? date(timestamp).Format("Jan 2 15:04:05") : date(timestamp).Format("Jan 02 15:04:05"); ` +
`split(body, ">")[0] + ">" + newTimestamp + " " + split(body, " ", 2)[1])'`
)

type (
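Review bot: The leading-zero branch in timestampConversionExpression looks unnecessary and, as written here, may not produce what the comment promises. The comment says the zero is "replaced with an empty space", which is the RFC 3164 form with a two-character day field, but the layout shown in the first Format call is "Jan 2 15:04:05", and in Go's time layout a bare 2 emits no padding at all. If space padding is the goal, the layout "Jan _2 15:04:05" does it for every day of the month in one call, so the `timestamp matches "(\\d{4})-(\\d{2})-(0\\d{1})T..."` test and the ternary can be dropped. If the regex stays, the capture groups and the {1} quantifier are unused and can go. Two smaller points: the blank line in the middle of the comment block detaches the examples from the constant they document, and the single quotes now wrapped around EXPR(...) deserve a word in the comment on why they are needed. A unit test that feeds one single-digit-day and one two-digit-day line through the expression would pin the expected output, since the downstream parser depends on this exact format.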