Commit 750af719 authored by Alan W Szlosek Jr's avatar Alan W Szlosek Jr

update tests and readme given recent changes

parent 85966b64
Pipeline #7524255 passed with stage
in 1 minute and 11 seconds
......@@ -97,6 +97,7 @@ TODO
* More decision-making modules (ie. alert if std deviation changes by M over N seconds). Need to evaluate features of other systems
* Refine terminology
* More work on scaling horizontally. Particularly tricky is the timeouts for throttling functionality. If we have multiple instances of harbinger processing the same streams of input (in load-balanced fashion), only 1 node should be setting and responding to timeouts.
LICENSE
......
var net = require('net');
var Harbinger = require('../index');
//var slack = require('slack');
var slackToken = '';
var debug = true;
var backends = {
console: function(message, extra) {
console.log(message.payload.time, extra + 'x', message);
},
slack: function(message) {
//slack.chat.postMessage(slackToken, slackChannel, message.payload.message);
}
};
var files = [
// These files don't contain PRI
'/var/log/syslog',
'/var/log/messages'
];
var watchSyslog = function(filename) {
var lb = new Harbinger.LineBuffer(function(line) {
// would be nice to have an option to pull "package/program[PID]" from tag
var payload = Harbinger.syslog.parse(line);
if (payload.message.search(/iptables_INPUT_denied/) != -1) {
var message = Harbinger.createMessage(payload, 'syslog', filename); //socket.remoteAddress, socket.localAddress, socket.localPort);
Harbinger.Throttle.InMemory('iptables input denied:slack', message, 10, backends.slack);
Harbinger.Throttle.InMemory('iptables input denied:console', message, 10, backends.console);
}
});
var watcher = Harbinger.watchFile(filename, function(err, data) {
if (err) {
console('watch-file error', err);
return;
}
lb.data(data);
});
};
for (var i = 0; i < files.length; i++) {
watchSyslog(files[i]);
}
......@@ -5,28 +5,28 @@ module.exports = {
Timeseries: require('./lib/timeseries'),
Parse: {
// would like to move StatsD parser here, too
syslog: require('./lib/parse/syslog')
},
Input: {
StatsD: require('./lib/input/statsd'),
LineBuffer: require('./lib/line-buffer'),
},
watchFile: require('./lib/input/file-watcher'),
LineBuffer: require('./lib/line-buffer'),
syslog: require('./lib/syslog'),
Throttle: {
// The API for these is inconsistent
InMemory: require('./lib/throttle/memory'),
InRedis: require('./lib/throttle/redis')
InMemory: require('./lib/throttle/memory')
//InRedis: require('./lib/throttle/redis')
},
createMessage: function(payload, source, remoteAddress, localAddress, localPort) {
watchFile: require('./lib/input/file-watcher'),
createMessage: function(payload, source, sourceFile, remoteAddress, localAddress, localPort) {
return {
payload: payload,
// this is more like "service": statsd, syslog, etc
source: source,
sourceFile: sourceFile,
remoteAddress: remoteAddress,
// We may want to track localAddress too, if we're listening on more than 1 interface
localAddress: localAddress,
......
......@@ -6,6 +6,7 @@
"statistics": "^3.3.0"
},
"devDependencies": {
"async": "^2.2.0",
"nodeunit": "^0.10.2"
},
"scripts": {
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment