[![Build Status](https://travis-ci.org/athenahealth/fluent-plugin-newsyslog.svg?branch=master)](https://travis-ci.org/athenahealth/fluent-plugin-newsyslog)

# Fluent::Plugin::NewSyslog

This gem provides syslog input and parser plugins for Fluentd. It supports the newer rfc5424 syslog format along with the older rfc3164 format. Timestamps are parsed automatically with the built-in Ruby time parser, so the expected time format of the syslog message does not have to be specified. The parser plugin is backwards compatible with the built-in syslog parser.

## Installation

Add this line to your application's Gemfile:

```ruby
gem 'fluent-plugin-newsyslog'
```

And then execute:

    $ bundle

Or install it yourself as:

    $ gem install fluent-plugin-newsyslog

## Usage

### `in_newsyslog` Input plugin

The `in_newsyslog` Input plugin enables Fluentd to retrieve records via the syslog protocol on UDP or TCP. The default parser is the `parser_newsyslog` plugin.

#### Example Configuration

```
<source>
  type newsyslog
  port 5140
  bind 0.0.0.0
  tag system
</source>
```

#### Parameters

**type (required)**
The value must be `newsyslog`.

**port**
The port to listen on. Default Value = 5140

**bind**
The bind address to listen on. Default Value = 0.0.0.0 (all addresses)

**protocol_type**
The transport protocol used to receive logs. `udp` and `tcp` are supported. `udp` by default.

**tag (required)**
The prefix of the tag. The tag itself is generated from the tag prefix, facility level, and priority.

### `parser_newsyslog` Parser plugin

The `parser_newsyslog` Parser plugin enables Fluentd to parse syslog records in either rfc5424 or rfc3164 format.

#### Example Configuration

This example uses the parser with the built-in syslog input plugin.

```
<source>
  type syslog
  port 5140
  bind 0.0.0.0
  format newsyslog
  tag system
</source>
```

#### Parameters

**payload_message**
When set to true, the entire syslog message is output in the message field rather than the parsed message field. Default Value = false (send the parsed syslog message field).

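The following Ruby example is added here and is not the plugin's own code. It shows how an rfc3164 line and an rfc5424 line differ on the wire, how the PRI value decodes into the facility and priority that form the tag, and how malformed input arriving on the listener is rejected instead of raising. `parse_syslog`, the two regexes, the sample lines, and the `<prefix>.<facility>.<priority>` tag layout are assumptions made for illustration.

```ruby
require 'time'

# Facility and severity names in RFC 5424 numeric order.
FACILITIES = %w[kern user mail daemon auth syslog lpr news uucp cron authpriv
                ftp ntp audit alert at local0 local1 local2 local3 local4
                local5 local6 local7].freeze
SEVERITIES = %w[emerg alert crit err warn notice info debug].freeze

# <PRI>1 TIMESTAMP HOST APP PROCID MSGID STRUCTURED-DATA [MSG]
RFC5424 = /\A<(\d{1,3})>1 (\S+) (\S+) (\S+) (\S+) (\S+) (-|(?:\[(?:[^\]\\]|\\.)*\])+)(?: (.*))?\z/m
# <PRI>Mmm dd hh:mm:ss HOST IDENT[PID]: MSG
RFC3164 = /\A<(\d{1,3})>([A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) (\S+) ([^\s:\[]+)(?:\[(\d+)\])?: ?(.*)\z/m

# Constructed sample lines, not captured traffic.
SAMPLES = [
  '<38>Feb  5 17:32:18 host1 sshd[4721]: Accepted publickey for deploy',
  '<165>1 2003-10-11T22:14:15.003Z host1 app 1234 ID47 [meta seq="1"] started',
  '<999>Feb  5 17:32:18 host1 app: PRI out of range',
  'no priority header at all'
].freeze

# Hypothetical helper: returns a record Hash, or nil when the line is not
# well-formed syslog (missing PRI, PRI above 191, unparseable timestamp).
def parse_syslog(line, tag_prefix)
  if (m = RFC5424.match(line))
    fmt = 'rfc5424'
    pri, ts, host, ident, pid, _msgid, _sd, message = m.captures
  elsif (m = RFC3164.match(line))
    fmt = 'rfc3164'
    pri, ts, host, ident, pid, message = m.captures
  else
    return nil
  end
  pri = pri.to_i
  return nil if pri > 191 # 23 * 8 + 7 is the largest valid PRI

  begin
    time = ts == '-' ? nil : Time.parse(ts) # one parser for both styles
  rescue ArgumentError
    return nil
  end
  # Assumed tag layout: <prefix>.<facility>.<priority>
  { 'tag' => "#{tag_prefix}.#{FACILITIES[pri / 8]}.#{SEVERITIES[pri % 8]}",
    'format' => fmt, 'time' => time, 'host' => host, 'ident' => ident,
    'pid' => (pid == '-' ? nil : pid), 'message' => message }
end

SAMPLES.each { |line| p parse_syslog(line, 'system') }
```

The rfc3164 timestamp carries no year or zone, so `Time.parse` fills in the current year and the local zone of the collector.
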
## Development

After checking out the repo, run `bundle` to install dependencies.

To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `fluent-plugin-newsyslog.gemspec`, and then run `bundle exec rake release` to create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).

### Running unit tests

This gem uses both rspec and test::unit.

- Execute `bundle exec rspec` to run the rspec tests.
- Execute `bundle exec rake test` to run the test::unit tests.

## Contributing

1. Fork it ( https://github.com/athenahealth/fluent-plugin-newsyslog/fork )
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Add some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create a new Pull Request