Giter VIP home page Giter VIP logo

stackstorm-napalm_logs's Introduction

stackstorm-napalm_logs

napalm-logs is an Open Source cross-vendor normalisation for network syslog messages, following the OpenConfig and IETF YANG models maintained by napalm-automation.

Configuration

Copy the example configuration in napalm_logs.yaml.example to /opt/stackstorm/configs/napalm_logs.yaml and edit as required.

It should look like this:

---
server_address: 1.1.1.1
server_port: 49017
auth_address: 1.1.1.1
auth_port: 49018
certificate_file: /opt/stackstorm/configs/napalm-logs.crt

Place your ssl certificate for the napalm-logs server in /opt/stackstorm/configs/napalm-logs.crt or another location and update certificate_file in the config file.

After editing, run sudo st2ctl reload --register-configs to ensure your configuration is loaded.

Sensors

Napalm-logs registers a sensor, napalm_logs_client which runs a client that connects to the napalm-logs server. Any and all parsed logs receieved from the server will fire a napalm_logs.log trigger into st2 containing the payload of the log.

stackstorm-napalm_logs's People

Contributors

lampwins avatar cognifloyd avatar lindsayhill avatar kami avatar nmaludy avatar

Stargazers

Mark avatar Henry avatar Akira Yokochi avatar Mircea Ulinic avatar

Watchers

James Cloos avatar Mick McGrath avatar Patrick Hoolboom avatar Dmitri Zimin(e) avatar Marcel Weinberg avatar Eugen avatar avatar Lakshmi Kannan avatar David Gee avatar Ankur Singh avatar A R avatar Amanda McGuinness avatar Ram Golla avatar

Forkers

cognifloyd

stackstorm-napalm_logs's Issues

Implement connection retry

Currently if the sensor client looses connection, it just dies. Need to make it retry connection to just restart itself.

Invalid dictionary key

I have a napalm-logs server injesting syslogs from a test vmx. I'm using the default publisher for the napalm-log server (zmq). Everything from the napalm-log server looks correct. It gets the log from vmx and the formats the syslog message. I'm running a zmq client and see the structured log:

{'yang_message': {'bgp': {'neighbors': {'neighbor': {'192.168.140.254': {'state': {'peer_as': '4230'}, 'afi_safis': {'afi_safi': {'inet4': {'state': {'prefixes': {'received': 141}}, 'ipv4_unicast': {'prefix_limit': {'state': {'max_prefixes': 140}}}}}}}}}}}, 'message_details': {'processId': '2902', 'severity': 4, 'facility': 3, 'hostPrefix': None, 'pri': '28', 'processName': 'rpd', 'host': 'vmx01', 'tag': 'BGP_PREFIX_THRESH_EXCEEDED', 'time': '14:03:12', 'date': 'Jun 30', 'message': '192.168.140.254 (External AS 4230): Configured maximum prefix-limit threshold(140) exceeded for inet4-unicast nlri: 141 (instance master)'}, 'facility': 3, 'ip': '192.168.1.183', 'error': 'BGP_PREFIX_THRESH_EXCEEDED', 'host': 'vmx01', 'yang_model': 'openconfig-bgp', 'timestamp': 1593525792, 'os': 'junos', 'severity': 4}

I've installed Stackstorm with the napalm-logs pack. It connects to the napalm-log server fine and receives the message but it runs into this error:

2021-03-26 17:07:04,200 139728331118744 ERROR consumers [-] StagedQueueConsumer failed to process message: {'trigger': 'napalm_logs.log', 'payload': {b'host': b'vmx01', b'yang_message': {b'bgp': {b'neighbors': {b'neighbor': {b'192.168.140.254': {b'state': {b'peer_as': b'4230'}, b'afi_safis': {b'afi_safi': {b'inet4': {b'state': {b'prefixes': {b'received': 141}}, b'ipv4_unicast': {b'prefix_limit': {b'state': {b'max_prefixes': 140}}}}}}}}}}}, b'message_details': {b'processId': b'2902', b'facility': 3, b'hostPrefix': None, b'pri': b'28', b'processName': b'rpd', b'host': b'vmx01', b'tag': b'BGP_PREFIX_THRESH_EXCEEDED', b'time': b'14:03:12', b'date': b'Jun 30', b'message': b'192.168.140.254 (External AS 4230): Configured maximum prefix-limit threshold(140) exceeded for inet4-unicast nlri: 141 (instance master)', b'severity': 4}, b'timestamp': 1593525792, b'error': b'BGP_PREFIX_THRESH_EXCEEDED', b'ip': b'192.168.1.183', b'facility': 3, b'os': b'junos', b'yang_model': b'openconfig-bgp', b'severity': 4}, 'trace_context': None}
Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/transport/consumers.py", line 86, in process
response = self._handler.pre_ack_process(body)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2reactor/rules/worker.py", line 57, in pre_ack_process
raise_on_no_trigger=True)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2reactor/container/utils.py", line 55, in create_trigger_instance
return TriggerInstance.add_or_update(trigger_instance)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/persistence/base.py", line 174, in add_or_update
model_object = cls._get_impl().add_or_update(model_object, validate=True)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/st2common/models/db/init.py", line 466, in add_or_update
instance.save(validate=validate)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/mongoengine/document.py", line 369, in save
self.validate(clean=clean)
File "/opt/stackstorm/st2/lib/python3.6/site-packages/mongoengine/base/document.py", line 413, in validate
raise ValidationError(message, errors=errors)
mongoengine.errors.ValidationError: ValidationError (TriggerInstanceDB:None) (Invalid dictionary key - documents must have only string keys: ['payload'])

Any ideas what may be wrong?

This is all running on a single host with Centos7. Stackstorm is 3.4.1 on Python 3.6.8

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.