2015-07-21 18:26:52 -04:00
|
|
|
// Package syslog provides the logdriver for forwarding server logs to syslog endpoints.
|
2018-02-05 16:05:59 -05:00
|
|
|
package syslog // import "github.com/docker/docker/daemon/logger/syslog"
|
2015-03-09 14:40:57 -04:00
|
|
|
|
|
|
|
import (
|
2016-01-08 12:36:31 -05:00
|
|
|
"crypto/tls"
|
2015-06-08 07:37:54 -04:00
|
|
|
"errors"
|
2015-06-30 20:40:13 -04:00
|
|
|
"fmt"
|
2015-05-21 16:20:25 -04:00
|
|
|
"net"
|
|
|
|
"net/url"
|
2015-03-09 14:40:57 -04:00
|
|
|
"os"
|
2015-06-08 07:37:54 -04:00
|
|
|
"strconv"
|
2015-05-21 16:20:25 -04:00
|
|
|
"strings"
|
2016-02-03 15:59:27 -05:00
|
|
|
"time"
|
2015-03-09 14:40:57 -04:00
|
|
|
|
2016-01-08 12:36:31 -05:00
|
|
|
syslog "github.com/RackSec/srslog"
|
2015-03-09 14:40:57 -04:00
|
|
|
"github.com/docker/docker/daemon/logger"
|
2015-08-06 18:50:44 -04:00
|
|
|
"github.com/docker/docker/daemon/logger/loggerutils"
|
2016-01-08 12:36:31 -05:00
|
|
|
"github.com/docker/go-connections/tlsconfig"
|
2015-03-09 14:40:57 -04:00
|
|
|
)
|
|
|
|
|
2016-01-08 12:36:31 -05:00
|
|
|
const (
|
|
|
|
name = "syslog"
|
|
|
|
secureProto = "tcp+tls"
|
2022-04-09 09:18:43 -04:00
|
|
|
defaultPort = "514"
|
2016-01-08 12:36:31 -05:00
|
|
|
)
|
2015-04-09 00:23:30 -04:00
|
|
|
|
2015-06-08 07:37:54 -04:00
|
|
|
var facilities = map[string]syslog.Priority{
|
|
|
|
"kern": syslog.LOG_KERN,
|
|
|
|
"user": syslog.LOG_USER,
|
|
|
|
"mail": syslog.LOG_MAIL,
|
|
|
|
"daemon": syslog.LOG_DAEMON,
|
|
|
|
"auth": syslog.LOG_AUTH,
|
|
|
|
"syslog": syslog.LOG_SYSLOG,
|
|
|
|
"lpr": syslog.LOG_LPR,
|
|
|
|
"news": syslog.LOG_NEWS,
|
|
|
|
"uucp": syslog.LOG_UUCP,
|
|
|
|
"cron": syslog.LOG_CRON,
|
|
|
|
"authpriv": syslog.LOG_AUTHPRIV,
|
|
|
|
"ftp": syslog.LOG_FTP,
|
|
|
|
"local0": syslog.LOG_LOCAL0,
|
|
|
|
"local1": syslog.LOG_LOCAL1,
|
|
|
|
"local2": syslog.LOG_LOCAL2,
|
|
|
|
"local3": syslog.LOG_LOCAL3,
|
|
|
|
"local4": syslog.LOG_LOCAL4,
|
|
|
|
"local5": syslog.LOG_LOCAL5,
|
|
|
|
"local6": syslog.LOG_LOCAL6,
|
|
|
|
"local7": syslog.LOG_LOCAL7,
|
|
|
|
}
|
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
type syslogger struct {
|
2015-03-09 14:40:57 -04:00
|
|
|
writer *syslog.Writer
|
|
|
|
}
|
|
|
|
|
2015-04-09 00:23:30 -04:00
|
|
|
func init() {
|
|
|
|
if err := logger.RegisterLogDriver(name, New); err != nil {
|
2022-04-21 05:50:37 -04:00
|
|
|
panic(err)
|
2015-04-09 00:23:30 -04:00
|
|
|
}
|
2015-06-30 20:40:13 -04:00
|
|
|
if err := logger.RegisterLogOptValidator(name, ValidateLogOpt); err != nil {
|
2022-04-21 05:50:37 -04:00
|
|
|
panic(err)
|
2015-06-30 20:40:13 -04:00
|
|
|
}
|
2015-04-09 00:23:30 -04:00
|
|
|
}
|
|
|
|
|
2016-02-03 15:59:27 -05:00
|
|
|
// rsyslog uses appname part of syslog message to fill in an %syslogtag% template
|
|
|
|
// attribute in rsyslog.conf. In order to be backward compatible to rfc3164
|
|
|
|
// tag will be also used as an appname
|
|
|
|
func rfc5424formatterWithAppNameAsTag(p syslog.Priority, hostname, tag, content string) string {
|
|
|
|
timestamp := time.Now().Format(time.RFC3339)
|
|
|
|
pid := os.Getpid()
|
2017-02-02 17:16:14 -05:00
|
|
|
msg := fmt.Sprintf("<%d>%d %s %s %s %d %s - %s",
|
2016-02-03 15:59:27 -05:00
|
|
|
p, 1, timestamp, hostname, tag, pid, tag, content)
|
|
|
|
return msg
|
|
|
|
}
|
|
|
|
|
2016-04-07 02:03:28 -04:00
|
|
|
// The timestamp field in rfc5424 is derived from rfc3339. Whereas rfc3339 makes allowances
|
2017-02-16 07:08:57 -05:00
|
|
|
// for multiple syntaxes, there are further restrictions in rfc5424, i.e., the maximum
|
2016-04-07 02:03:28 -04:00
|
|
|
// resolution is limited to "TIME-SECFRAC" which is 6 (microsecond resolution)
|
|
|
|
func rfc5424microformatterWithAppNameAsTag(p syslog.Priority, hostname, tag, content string) string {
|
2018-12-08 17:40:02 -05:00
|
|
|
timestamp := time.Now().Format("2006-01-02T15:04:05.000000Z07:00")
|
2016-04-07 02:03:28 -04:00
|
|
|
pid := os.Getpid()
|
2017-02-02 17:16:14 -05:00
|
|
|
msg := fmt.Sprintf("<%d>%d %s %s %s %d %s - %s",
|
2016-04-07 02:03:28 -04:00
|
|
|
p, 1, timestamp, hostname, tag, pid, tag, content)
|
|
|
|
return msg
|
|
|
|
}
|
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
// New creates a syslog logger using the configuration passed in on
|
|
|
|
// the context. Supported context configuration variables are
|
2016-05-09 22:04:09 -04:00
|
|
|
// syslog-address, syslog-facility, syslog-format.
|
2016-11-26 00:08:34 -05:00
|
|
|
func New(info logger.Info) (logger.Logger, error) {
|
|
|
|
tag, err := loggerutils.ParseLogTag(info, loggerutils.DefaultTemplate)
|
2015-08-06 18:50:44 -04:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
2015-06-02 15:43:00 -04:00
|
|
|
}
|
2015-05-21 16:20:25 -04:00
|
|
|
|
2016-11-26 00:08:34 -05:00
|
|
|
proto, address, err := parseAddress(info.Config["syslog-address"])
|
2015-05-21 16:20:25 -04:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2016-11-26 00:08:34 -05:00
|
|
|
facility, err := parseFacility(info.Config["syslog-facility"])
|
2015-06-08 07:37:54 -04:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2016-11-26 00:08:34 -05:00
|
|
|
syslogFormatter, syslogFramer, err := parseLogFormat(info.Config["syslog-format"], proto)
|
2016-02-03 15:59:27 -05:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2016-01-08 12:36:31 -05:00
|
|
|
var log *syslog.Writer
|
|
|
|
if proto == secureProto {
|
2016-11-26 00:08:34 -05:00
|
|
|
tlsConfig, tlsErr := parseTLSConfig(info.Config)
|
2016-01-08 12:36:31 -05:00
|
|
|
if tlsErr != nil {
|
|
|
|
return nil, tlsErr
|
|
|
|
}
|
2016-04-27 22:46:54 -04:00
|
|
|
log, err = syslog.DialWithTLSConfig(proto, address, facility, tag, tlsConfig)
|
2016-01-08 12:36:31 -05:00
|
|
|
} else {
|
2016-04-27 22:46:54 -04:00
|
|
|
log, err = syslog.Dial(proto, address, facility, tag)
|
2016-01-08 12:36:31 -05:00
|
|
|
}
|
|
|
|
|
2015-03-09 14:40:57 -04:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2015-04-09 00:23:30 -04:00
|
|
|
|
2016-02-03 15:59:27 -05:00
|
|
|
log.SetFormatter(syslogFormatter)
|
|
|
|
log.SetFramer(syslogFramer)
|
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
return &syslogger{
|
2015-03-09 14:40:57 -04:00
|
|
|
writer: log,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
func (s *syslogger) Log(msg *logger.Message) error {
|
2020-06-06 00:36:50 -04:00
|
|
|
if len(msg.Line) == 0 {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2016-12-12 09:54:20 -05:00
|
|
|
line := string(msg.Line)
|
2017-06-26 17:34:51 -04:00
|
|
|
source := msg.Source
|
2016-12-12 09:54:20 -05:00
|
|
|
logger.PutMessage(msg)
|
2017-06-26 17:34:51 -04:00
|
|
|
if source == "stderr" {
|
2016-12-12 09:54:20 -05:00
|
|
|
return s.writer.Err(line)
|
2015-03-09 14:40:57 -04:00
|
|
|
}
|
2016-12-12 09:54:20 -05:00
|
|
|
return s.writer.Info(line)
|
2015-03-09 14:40:57 -04:00
|
|
|
}
|
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
func (s *syslogger) Close() error {
|
2015-03-23 15:03:24 -04:00
|
|
|
return s.writer.Close()
|
2015-03-09 14:40:57 -04:00
|
|
|
}
|
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
func (s *syslogger) Name() string {
|
2015-04-09 00:23:30 -04:00
|
|
|
return name
|
|
|
|
}
|
|
|
|
|
2015-05-21 16:20:25 -04:00
|
|
|
func parseAddress(address string) (string, string, error) {
|
2015-08-17 14:37:55 -04:00
|
|
|
if address == "" {
|
|
|
|
return "", "", nil
|
|
|
|
}
|
2022-04-09 09:18:43 -04:00
|
|
|
addr, err := url.Parse(address)
|
2015-08-17 14:37:55 -04:00
|
|
|
if err != nil {
|
|
|
|
return "", "", err
|
|
|
|
}
|
2015-05-21 16:20:25 -04:00
|
|
|
|
2016-03-29 06:21:41 -04:00
|
|
|
// unix and unixgram socket validation
|
2022-04-09 09:18:43 -04:00
|
|
|
if addr.Scheme == "unix" || addr.Scheme == "unixgram" {
|
|
|
|
if _, err := os.Stat(addr.Path); err != nil {
|
2015-08-17 14:37:55 -04:00
|
|
|
return "", "", err
|
2015-05-21 16:20:25 -04:00
|
|
|
}
|
2022-04-09 09:18:43 -04:00
|
|
|
return addr.Scheme, addr.Path, nil
|
|
|
|
}
|
|
|
|
if addr.Scheme != "udp" && addr.Scheme != "tcp" && addr.Scheme != secureProto {
|
|
|
|
return "", "", fmt.Errorf("unsupported scheme: '%s'", addr.Scheme)
|
2015-08-17 14:37:55 -04:00
|
|
|
}
|
2015-05-21 16:20:25 -04:00
|
|
|
|
2015-08-17 14:37:55 -04:00
|
|
|
// here we process tcp|udp
|
2022-04-09 09:18:43 -04:00
|
|
|
host := addr.Host
|
2015-08-17 14:37:55 -04:00
|
|
|
if _, _, err := net.SplitHostPort(host); err != nil {
|
|
|
|
if !strings.Contains(err.Error(), "missing port in address") {
|
|
|
|
return "", "", err
|
2015-05-21 16:20:25 -04:00
|
|
|
}
|
2022-04-09 09:18:43 -04:00
|
|
|
host = net.JoinHostPort(host, defaultPort)
|
2015-05-21 16:20:25 -04:00
|
|
|
}
|
|
|
|
|
2022-04-09 09:18:43 -04:00
|
|
|
return addr.Scheme, host, nil
|
2015-05-21 16:20:25 -04:00
|
|
|
}
|
2015-06-08 07:37:54 -04:00
|
|
|
|
2015-07-21 18:26:52 -04:00
|
|
|
// ValidateLogOpt looks for syslog specific log options
|
2016-05-09 22:04:09 -04:00
|
|
|
// syslog-address, syslog-facility.
|
2015-06-30 20:40:13 -04:00
|
|
|
func ValidateLogOpt(cfg map[string]string) error {
|
|
|
|
for key := range cfg {
|
|
|
|
switch key {
|
2016-04-01 11:25:11 -04:00
|
|
|
case "env":
|
2016-11-08 19:34:47 -05:00
|
|
|
case "env-regex":
|
2016-04-01 11:25:11 -04:00
|
|
|
case "labels":
|
2019-01-16 16:52:22 -05:00
|
|
|
case "labels-regex":
|
2015-06-30 20:40:13 -04:00
|
|
|
case "syslog-address":
|
|
|
|
case "syslog-facility":
|
2016-01-08 12:36:31 -05:00
|
|
|
case "syslog-tls-ca-cert":
|
|
|
|
case "syslog-tls-cert":
|
|
|
|
case "syslog-tls-key":
|
|
|
|
case "syslog-tls-skip-verify":
|
2015-08-06 18:50:44 -04:00
|
|
|
case "tag":
|
2016-02-03 15:59:27 -05:00
|
|
|
case "syslog-format":
|
2015-06-30 20:40:13 -04:00
|
|
|
default:
|
|
|
|
return fmt.Errorf("unknown log opt '%s' for syslog log driver", key)
|
|
|
|
}
|
|
|
|
}
|
2015-08-17 14:38:37 -04:00
|
|
|
if _, _, err := parseAddress(cfg["syslog-address"]); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if _, err := parseFacility(cfg["syslog-facility"]); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2016-06-29 11:44:00 -04:00
|
|
|
if _, _, err := parseLogFormat(cfg["syslog-format"], ""); err != nil {
|
2016-02-03 15:59:27 -05:00
|
|
|
return err
|
|
|
|
}
|
2015-06-30 20:40:13 -04:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-06-08 07:37:54 -04:00
|
|
|
func parseFacility(facility string) (syslog.Priority, error) {
|
|
|
|
if facility == "" {
|
|
|
|
return syslog.LOG_DAEMON, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if syslogFacility, valid := facilities[facility]; valid {
|
|
|
|
return syslogFacility, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
fInt, err := strconv.Atoi(facility)
|
|
|
|
if err == nil && 0 <= fInt && fInt <= 23 {
|
|
|
|
return syslog.Priority(fInt << 3), nil
|
|
|
|
}
|
|
|
|
|
|
|
|
return syslog.Priority(0), errors.New("invalid syslog facility")
|
|
|
|
}
|
2016-01-08 12:36:31 -05:00
|
|
|
|
|
|
|
func parseTLSConfig(cfg map[string]string) (*tls.Config, error) {
|
|
|
|
_, skipVerify := cfg["syslog-tls-skip-verify"]
|
|
|
|
|
|
|
|
opts := tlsconfig.Options{
|
|
|
|
CAFile: cfg["syslog-tls-ca-cert"],
|
|
|
|
CertFile: cfg["syslog-tls-cert"],
|
|
|
|
KeyFile: cfg["syslog-tls-key"],
|
|
|
|
InsecureSkipVerify: skipVerify,
|
|
|
|
}
|
|
|
|
|
|
|
|
return tlsconfig.Client(opts)
|
|
|
|
}
|
2016-02-03 15:59:27 -05:00
|
|
|
|
2016-06-29 11:44:00 -04:00
|
|
|
func parseLogFormat(logFormat, proto string) (syslog.Formatter, syslog.Framer, error) {
|
2016-02-03 15:59:27 -05:00
|
|
|
switch logFormat {
|
|
|
|
case "":
|
|
|
|
return syslog.UnixFormatter, syslog.DefaultFramer, nil
|
|
|
|
case "rfc3164":
|
|
|
|
return syslog.RFC3164Formatter, syslog.DefaultFramer, nil
|
|
|
|
case "rfc5424":
|
2016-06-29 11:44:00 -04:00
|
|
|
if proto == secureProto {
|
|
|
|
return rfc5424formatterWithAppNameAsTag, syslog.RFC5425MessageLengthFramer, nil
|
|
|
|
}
|
|
|
|
return rfc5424formatterWithAppNameAsTag, syslog.DefaultFramer, nil
|
2016-04-07 02:03:28 -04:00
|
|
|
case "rfc5424micro":
|
2016-06-29 11:44:00 -04:00
|
|
|
if proto == secureProto {
|
|
|
|
return rfc5424microformatterWithAppNameAsTag, syslog.RFC5425MessageLengthFramer, nil
|
|
|
|
}
|
|
|
|
return rfc5424microformatterWithAppNameAsTag, syslog.DefaultFramer, nil
|
2016-02-03 15:59:27 -05:00
|
|
|
default:
|
|
|
|
return nil, nil, errors.New("Invalid syslog format")
|
|
|
|
}
|
|
|
|
}
|