def beacon(config): """ The journald beacon allows for the systemd journal to be parsed and linked objects to be turned into events. This beacons config will return all sshd jornal entries .. code-block:: yaml beacons: journald: sshd: SYSLOG_IDENTIFIER: sshd PRIORITY: 6 """ ret = [] journal = _get_journal() while True: cur = journal.get_next() if not cur: break for name in config: n_flag = 0 for key in config[name]: if isinstance(key, salt.ext.six.string_types): key = salt.utils.locales.sdecode(key) if key in cur: if config[name][key] == cur[key]: n_flag += 1 if n_flag == len(config[name]): # Match! ret.append(salt.utils.cloud.simple_types_filter(cur)) return ret
def beacon(config): ''' The journald beacon allows for the systemd journal to be parsed and linked objects to be turned into events. This beacons config will return all sshd jornal entries .. code-block:: yaml beacons: journald: sshd: SYSLOG_IDENTIFIER: sshd PRIORITY: 6 ''' ret = [] journal = _get_journal() while True: cur = journal.get_next() if not cur: break for name in config: n_flag = 0 for key in config[name]: if isinstance(key, salt.ext.six.string_types): key = salt.utils.locales.sdecode(key) if key in cur: if config[name][key] == cur[key]: n_flag += 1 if n_flag == len(config[name]): # Match! ret.append(salt.utils.cloud.simple_types_filter(cur)) return ret
def _run_systemd(self): import select import systemd.journal journal = systemd.journal.Reader() journal.seek_tail() journal.get_previous() # See https://bugs.freedesktop.org/show_bug.cgi?id=64614 poll = select.poll() poll.register(journal.fileno(), journal.get_events()) while True: try: poll.poll() except select.error as e: if e.errno != errno.EINTR: # check for legitimate signal raise entry = journal.get_next() if not entry: journal.process() # This is necessary to reset fd readable state continue try: syslog_id = entry['SYSLOG_IDENTIFIER'].encode('ascii', 'ignore') if 'SYSLOG_IDENTIFIER' in entry else 'systemd' message = entry['MESSAGE'].encode('ascii', 'ignore') if 'MESSAGE' in entry else 'none' severity, msg = self._filter(syslog_id, message, entry) self._print(severity, msg) except Exception as e: print(e) print(traceback.print_exc())
def beacon(config): """ The journald beacon allows for the systemd journal to be parsed and linked objects to be turned into events. This beacons config will return all sshd jornal entries .. code-block:: yaml beacons: journald: - services: sshd: SYSLOG_IDENTIFIER: sshd PRIORITY: 6 """ ret = [] journal = _get_journal() _config = {} list(map(_config.update, config)) while True: cur = journal.get_next() if not cur: break for name in _config.get("services", {}): n_flag = 0 for key in _config["services"][name]: if isinstance(key, salt.ext.six.string_types): key = salt.utils.data.decode(key) if key in cur: if _config["services"][name][key] == cur[key]: n_flag += 1 if n_flag == len(_config["services"][name]): # Match! sub = salt.utils.data.simple_types_filter(cur) sub.update({"tag": name}) ret.append(sub) return ret