Add syslogAddHeader config directive #296
Do we have an issue to track this?
I didn't create an issue, I saw the need for this and implemented the solution instead of filing an issue, but I can create one if it's preferred for tracking purposes etc!
@li-wu should I create an issue to match the PR against?
Yes please thanks.
_boolSettings = [ | ||
'disabled', 'randomizeEvents', 'bundlelines', 'profiler', 'useOutputQueue', 'autotimestamp', | ||
'httpeventWaitResponse', 'outputCounter', 'sequentialTimestamp', 'disableLoggingQueue'] | ||
'httpeventWaitResponse', 'outputCounter', 'sequentialTimestamp', 'disableLoggingQueue', 'syslogAddHost'] |
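Review bot: The entry appended to _boolSettings on the last line is 'syslogAddHost', while the directive this PR introduces is spelled syslogAddHeader in the sample config (syslogAddHeader = false) and in the output plugin (if syslogAddHeader:). Rename the list entry to 'syslogAddHeader' so the boolean list and the code that reads the setting agree on one key.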
This should be syslogAddHeader?
Indeed it should! Will push a fix.
def __init__(self, host): | ||
self.host = host | ||
|
||
def filter(self, record): |
This filter always returns True.
Correct, this is as intended - the filter should never return False, because all events should be sent. The purpose of the filter is not to remove messages from the output stream, it is only to add the host field so it's available in the formatter further down.
Please add this description as a comment in the HostFilter::filter method.
It would be much easier for other people to understand the purpose of this filter.
syslogDestinationHost = 127.0.0.1 | ||
syslogDestinationPort = 9999 | ||
|
||
syslogAddHeader = false |
Can we add one more test case to address this feature?
By default it is false.
We need one more case to test if syslogAddHeader=true.
I added a new separate test for this - considered integrating it into existing one but thinking it might be confusing.
loggerName = 'syslog' + sample.name | ||
self._l = logging.getLogger(loggerName) | ||
if syslogAddHeader: | ||
self._l.addFilter(HostFilter(host=sample.host)) |
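Review bot: self._l.addFilter(HostFilter(host=sample.host)) attaches a fresh filter object to a logger obtained with logging.getLogger(loggerName), and named loggers are shared for the life of the process. Each construction for the same sample.name therefore adds another HostFilter while the earlier ones stay attached. Check for an existing HostFilter on self._l (or replace it) before adding, and consider validating sample.host before it is placed in the header, since it is passed through unchanged here.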
please update the host setting in configuration docs in eventgen.conf.spec
Because now, host is not only used in splunkstream mode.
Thanks for this PR. Please update the test case to address this feature.
this for PR.
Thanks for the review. I pushed changes based on your comment - please review and let me know if anything should be done differently.
ship it !
ship it!
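The annotate-only filter discussed in the HostFilter review thread above, as an added example that is not the PR's code: the filter never drops a record, it only sets `record.host` so the formatter can build the header. The method bodies, the format string, `sanitize_host`, `attach_host_filter`, `ListHandler` and the host names are assumptions made for illustration; only `HostFilter.__init__(host)` and `filter(record)` appear on the page.

```python
import logging


def sanitize_host(host):
    """Reduce a host value to one header token.

    RFC 5424 limits HOSTNAME to 1-255 printable ASCII characters (33-126),
    so spaces, newlines and control characters cannot be allowed to split
    the header or start a second message on the wire.
    """
    cleaned = "".join(c for c in str(host) if 33 <= ord(c) <= 126)[:255]
    return cleaned or "-"  # "-" is the RFC 5424 NILVALUE


class HostFilter(logging.Filter):
    """Hypothetical stand-in for the PR's HostFilter (bodies are assumed)."""

    def __init__(self, host):
        super().__init__()
        self.host = sanitize_host(host)

    def filter(self, record):
        # Annotate only: every event must still be sent, so this always
        # returns True. Its one job is to expose `host` to the formatter.
        record.host = self.host
        return True


def attach_host_filter(logger, host):
    """Attach exactly one HostFilter to a shared, named logger.

    logging.getLogger(name) returns the same object on every call, so a
    plain addFilter() in a constructor would stack a new filter each time.
    """
    for existing in list(logger.filters):
        if isinstance(existing, HostFilter):
            logger.removeFilter(existing)
    logger.addFilter(HostFilter(host))


class ListHandler(logging.Handler):
    """Collects formatted lines in memory instead of sending them anywhere."""

    def __init__(self):
        super().__init__()
        self.lines = []

    def emit(self, record):
        self.lines.append(self.format(record))


def demo():
    logger = logging.getLogger("syslog_demo_sample")  # constructed logger name
    logger.setLevel(logging.INFO)
    logger.propagate = False

    handler = ListHandler()
    # Assumed header layout: RFC 3164 style timestamp, then host, then event.
    handler.setFormatter(
        logging.Formatter("%(asctime)s %(host)s %(message)s", "%b %d %H:%M:%S")
    )
    logger.handlers = [handler]

    attach_host_filter(logger, "web-01.example.com")  # constructed host
    logger.info("first event")
    attach_host_filter(logger, "web-02")  # replaces, does not stack
    logger.info("second event")

    host_filters = sum(isinstance(f, HostFilter) for f in logger.filters)
    return handler.lines, host_filters


if __name__ == "__main__":
    lines, count = demo()
    for line in lines:
        print(line)
    print("HostFilter instances attached:", count)
```
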
* Fix structlog dependency for app (#280)
* zipfile fix (#284)
* Fix bug 286 random token replacement (#287)
* Fix bug 286 random token replacement
* Change perdayvolume generator logic to get random token value replacement
* Versioning scheme (#278)
* [global] perDayVolume (#288)
* exclude global from perDayVolume assignment
* Address comment
* Fix security vulnerability issue (#289)
* Fix custom plugin stale docs (#290)
* Server fix (#293)
* Flag added
* server fix for count and env clean
* Fix bug 285 (#297)
* Add syslogAddHeader config directive (#296)
* Add syslog header to event in syslog mode
* timezone setting bugfix #249
* Using multiprocess pool to address the OOM issue (#301)
* Using multiprocess pool to address the OOM issue
* Fix test case fail
* Remove workerQueue unfinished tasks (#302)
* Bumped version to 6.5.2
error * Fix shebang * Remove logutils lib from source * Fix splunkstream import error * Remove logutils from requirements.txt * Fix build spl error * Change code block indent * Fix doc anchor issue * Fix app running on Splunk 8.0 issue * Fix xrange issue introduced by develop branch * Fix merge bug * Fix bug * remove logutils * Fix makefile bug * Fix configparser bug * Change filter function * Bump version to 7.0.0 * Release 7.0.0 (#325) * Fix structlog dependency for app (#280) * zipfile fix (#284) * Fix bug 286 random token replacement (#287) * Fix bug 286 random token replacement * Change perdayvolume generator logic to get random token value replacement * Versioning scheme (#278) * [global] perDayVolume (#288) * exclude global from perDayVolume assignment * Address comment * Fix security vulnerability issue (#289) * Fix custom plugin stale docs (#290) * Server fix (#293) * Flag added * server fix for count and env clean * Fix bug 285 (#297) * Add syslogAddHeader config directive (#296) * Add syslog header to event in syslog mode * timezone setting bugfix #249 * Using multiprocess pool to address the OOM issue (#301) * Using multiprocess pool to address the OOM issue * Fix test case fail * Remove workerQueue unfinished tasks (#302) * Bumped version to 6.5.2 * controller fix (#304) * controller fix * variable assignment fix (#306) * add healthcheck endpoint and ping it every half an hour (#308) * Fix security vulnerability issue reported by GitHub (#309) * make controller also hit redis on healthcheck (#311) * Fixed typo (#313) * update redis version to use new functions (#318) * Update tutorial related docs (#315) * Revert oom fix change (#320) * make circle ci fail when test case fails (#317) * Add disable logging option to fix oom (#323) * Add disable logging option to fix oom * Fix modular input bug * Fixing api server (#322) * fixed multiple attributes * debug * Py3 upgrade (#291) * init commit for python 3 migration * migrate to py3 for test * Fix import 
issue * Fix test cases * Fix jinja test case * Fix multiprocess issue * Fix a few warnings * Fix test case fail * Fix test case * Fix cluster test cases * Fix set_conf error * Fix shebang * Remove logutils lib from source * Fix splunkstream import error * Remove logutils from requirements.txt * Fix build spl error * Change code block indent * Fix doc anchor issue * Fix app running on Splunk 8.0 issue * Fix xrange issue introduced by develop branch * Fix merge bug * Fix bug * remove logutils * Fix makefile bug * Fix configparser bug * Change filter function * Bump version to 7.0.0 * Fix dateutil package bug * update eventgen version to 7.1.0 Co-authored-by: Tony Lee <[email protected]> Co-authored-by: Li Wu <[email protected]> Co-authored-by: Li Wu <[email protected]> Co-authored-by: Tony Lee <[email protected]> Co-authored-by: Jack Meixensperger <[email protected]> Co-authored-by: Patrik Nordlén <[email protected]> Co-authored-by: David Wang <[email protected]> Co-authored-by: Erwin Vrolijk <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Ryan Faircloth <[email protected]>
This PR adds functionality to the syslogoutput plugin that, if enabled, makes the plugin output an RFC 3164-compliant header at the beginning of each message, consisting of a timestamp and a hostname. The value of the hostname is taken from the host value defined for the sample.
The use case is in situations where eventgen is set to output events as syslog but one wants the receiving syslog server to be able to use the sample's defined host value as the originating hostname. Without the initial header this is not possible and events are sent as-is, in which case the receiving syslog server has to use the hostname of the host that eventgen is running on instead. Upon adding this header, eventgen will emulate being an intermediate syslog forwarder, adding the "original" hostname at the start of the message.
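The filter-plus-formatter arrangement discussed in this PR, as an added sketch that is not eventgen's own code: a filter that attaches the sample's host to every record and a formatter that emits the RFC 3164 timestamp and hostname in front of the event. The names `HostFilter`, `Rfc3164Formatter`, `sanitize_host` and `render` are assumptions, and the hostname sanitising is this example's addition, included because the receiver takes the hostname from the header.

```python
import logging
import re
import time

_MONTHS = ("Jan", "Feb", "Mar", "Apr", "May", "Jun",
           "Jul", "Aug", "Sep", "Oct", "Nov", "Dec")


def sanitize_host(host):
    """HOSTNAME is a single space-delimited token: replace whitespace,
    control characters and anything else that could split the header."""
    return re.sub(r"[^A-Za-z0-9._:-]", "_", str(host)) or "unknown"


def rfc3164_timestamp(epoch):
    """'Mmm dd hh:mm:ss' in local time; the day of month is space-padded."""
    t = time.localtime(epoch)
    return "%s %2d %02d:%02d:%02d" % (
        _MONTHS[t.tm_mon - 1], t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec)


class HostFilter(logging.Filter):
    """Never drops a record; it only attaches the host for the formatter."""

    def __init__(self, host):
        super().__init__()
        self.host = sanitize_host(host)

    def filter(self, record):
        record.host = self.host
        return True


class Rfc3164Formatter(logging.Formatter):
    """Emits HEADER + MSG; a handler such as SysLogHandler prepends <PRI>."""

    def format(self, record):
        return "%s %s %s" % (
            rfc3164_timestamp(record.created), record.host, record.getMessage())


def render(host, msg, epoch):
    """Run one constructed event through the filter and formatter."""
    record = logging.LogRecord("syslog", logging.INFO, "example", 0, msg, None, None)
    record.created = epoch
    HostFilter(host).filter(record)
    return Rfc3164Formatter().format(record)


if __name__ == "__main__":
    # Constructed sample event, not taken from the PR.
    print(render("web01.example.com", "sshd[42]: session opened", time.time()))
```
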