Skip to content
/ lumberjack-python Public

A quick code dump of implementation of the Lumberjack protocol from LogStash and Beats.

License

GPL-3.0 license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ateska/lumberjack-python

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
lmio-ljpoc.py
lmio-ljpoc.py
 
 
setup.cfg
setup.cfg
 
 

Repository files navigation

Lumberjack protocol from LogStash and Beats for Python

A quick code dump of implementation of the Lumberjack protocol from LogStash and Beats. No 3rd party dependencies.

Proof Of Concept

🚧🚧🚧 Only a proof-of-concept 🚧🚧🚧 in a fully working condition.

How to Run it

The PoC is a standalone TCP server, implemented using asyncio.

% python ./lmio-ljpoc.py 
Serving on tcp/('0.0.0.0', 5044)
New connection from ('10.17.162.9', 59154)
...

The PoC dumps a separated JSON for every log event sent over the Lumberjack protocol from Winlogbeats and Filebeats. Other beats are likely supported as well b/c they all use libbeats and https://github.com/elastic/go-lumber but I haven't tested them (yet).

SSL is not yet supported but it will be very simple to add (using TeskaLabs LogMan.io collector internal capabilities). Final SSL implementation will support autodetection, so that people can mix encrypted and raw connections from Beats.

Beats output configuration:

output.logstash:
  enabled: true
  hosts: ["127.0.0.1:5044"]

Note: Change your IP address accordingly.

Contact me , if you have a question to this code.

About

A quick code dump of implementation of the Lumberjack protocol from LogStash and Beats.

Topics

logstash beats lumberjack

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Languages