Export entries from systemd's journal and send them to a Graylog server using gelf. This script is written in Google go to make it easier to compile and distribute to your machines.
- this repo includes https://github.com/DECK36/go-gelf
- Google golang
Compile this package by checking out the repo and run:
go get github.com/parse-nl/SystemdJournal2Gelf
The binary will be compiled in $GOPATH/bin/SystemdJournal2Gelf
Or install the package for:
Copy the included SystemdJournal2Gelf.service
to /etc/systemd/system
.
SystemdJournal2Gelf will connect to the server you specify as first argument and passes all other arguments to journalctl. It prepends these arguments with --output=json
- Export only the kernel messages
SystemdJournal2Gelf localhost:11201 _TRANSPORT=kernel
- Perform initial import, reading entire journal
SystemdJournal2Gelf localhost:11201 --merge
- Monitor the journal
SystemdJournal2Gelf localhost:11201 --follow
Letting this script decode json encoded properties in Messages has been removed, please see this issue that explains how to configure graylog to do that instead
Copyright (c) 2016-2021, Parse Software Development B.V.
Released under the Simplified BSD license, see LICENSE for details.