Skip to main content

Network Automation and Programmability Abstraction Layer with Multivendor support: syslog parser

Project description

Python library to parse syslog messages from network devices and produce JSON serializable Python objects, in a vendor agnostic shape. The output objects are structured following the OpenConfig or IETF YANG models.

For example, the following syslog message from a Juniper device:

Mar 30 12:45:19 re0.edge01.bjm01 rpd[15852]: BGP_PREFIX_THRESH_EXCEEDED (External AS 15169): Configured maximum prefix-limit threshold(160) exceeded for inet-unicast nlri: 181 (instance master)

Will produce the following object:

        "yang_message": {
              "bgp": {
                "neighbors": {
                      "neighbor": {
                        "": {
                              "state": {
                                "peer_as": "65001"
                              "afi_safis": {
                                "afi_safi": {
                                      "inet4": {
                                        "state": {
                                              "prefixes": {
                                                "received": 141
                                        "ipv4_unicast": {
                                              "prefix_limit": {
                                                "state": {
                                                      "max_prefixes": 140
        "message_details": {
              "processId": "2902",
              "severity": 5,
              "facility": 18,
              "hostPrefix": null,
              "pri": "149",
              "processName": "rpd",
              "host": "vmx01",
              "tag": "BGP_PREFIX_THRESH_EXCEEDED",
              "time": "14:03:12",
              "date": "Jun 21",
              "message": " (External AS 65001): Configured maximum prefix-limit threshold(140) exceeded for inet4-unicast nlri: 141 (instance master)"
        "timestamp": 1498050192,
        "facility": 18,
        "ip": "",
        "host": "vmx01",
        "yang_model": "openconfig-bgp",
        "error": "BGP_PREFIX_THRESH_EXCEEDED",
        "os": "junos",
        "severity": 5

The library is comes with a command line program which acts as a daemon, running in background and listening to syslog messages continuously, then publishing them over secured channels, where multiple clients can subscribe.

It is flexible to listen to the syslog messages via UDP or TCP, but also from brokers such as Apache Kafka. Similarly, the output objects can be published via various channels such as ZeroMQ, Kafka, or remote server logging. It is also pluggable enough to extend these capabilities and listen or publish to other services, depending on the needs.

The messages are published over a secured channel, encrypted and signed. Although the security can be disabled, this is highly discouraged.


Please check the official documentation for more detailed information.


napalm-logs is available on PyPi and can easily be installed using the following command:

pip install napalm-logs

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

napalm-logs-0.11.0.tar.gz (69.7 kB view hashes)

Uploaded Source

Built Distribution

napalm_logs-0.11.0-py2.py3-none-any.whl (120.9 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page