Skip to main content
Donate to the Python Software Foundation or Purchase a PyCharm License to Benefit the PSF! Donate Now

Network Automation and Programmability Abstraction Layer with Multivendor support: syslog parser

Project description

Python library to parse syslog messages from network devices and produce JSON serializable Python objects, in a vendor agnostic shape. The output objects are structured following the OpenConfig or IETF YANG models.

For example, the following syslog message from a Juniper device:

Mar 30 12:45:19 re0.edge01.bjm01 rpd[15852]: BGP_PREFIX_THRESH_EXCEEDED 1.2.3.4 (External AS 15169): Configured maximum prefix-limit threshold(160) exceeded for inet-unicast nlri: 181 (instance master)

Will produce the following object:

      {
        "yang_message": {
              "bgp": {
                "neighbors": {
                      "neighbor": {
                        "192.168.140.254": {
                              "state": {
                                "peer_as": "65001"
                              },
                              "afi_safis": {
                                "afi_safi": {
                                      "inet4": {
                                        "state": {
                                              "prefixes": {
                                                "received": 141
                                              }
                                        },
                                        "ipv4_unicast": {
                                              "prefix_limit": {
                                                "state": {
                                                      "max_prefixes": 140
                                                }
                                              }
                                        }
                                      }
                                }
                              }
                        }
                      }
                }
              }
        },
        "message_details": {
              "processId": "2902",
              "severity": 5,
              "facility": 18,
              "hostPrefix": null,
              "pri": "149",
              "processName": "rpd",
              "host": "vmx01",
              "tag": "BGP_PREFIX_THRESH_EXCEEDED",
              "time": "14:03:12",
              "date": "Jun 21",
              "message": "192.168.140.254 (External AS 65001): Configured maximum prefix-limit threshold(140) exceeded for inet4-unicast nlri: 141 (instance master)"
        },
        "timestamp": 1498050192,
        "facility": 18,
        "ip": "127.0.0.1",
        "host": "vmx01",
        "yang_model": "openconfig-bgp",
        "error": "BGP_PREFIX_THRESH_EXCEEDED",
        "os": "junos",
        "severity": 5
      }
}

The library is comes with a command line program which acts as a daemon, running in background and listening to syslog messages continuously, then publishing them over secured channels, where multiple clients can subscribe.

It is flexible to listen to the syslog messages via UDP or TCP, but also from brokers such as Apache Kafka. Similarly, the output objects can be published via various channels such as ZeroMQ, Kafka, or remote server logging. It is also pluggable enough to extend these capabilities and listen or publish to other services, depending on the needs.

The messages are published over a secured channel, encrypted and signed. Although the security can be disabled, this is highly discouraged.

Documentation

Please check the official documentation for more detailed information.

Install

napalm-logs is available on PyPi and can easily be installed using the following command:

pip install napalm-logs

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
napalm-logs-0.7.0.tar.gz (47.7 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page