Welcome to Project lumberjack
lumberjack is an open-source project to update and enhance the event log architecture.
lumberjack aims to improve the creation and standardize the content of event logs by implementing the concepts and specifications proposed by the Common Event Expression (CEE).
The goal is to not only provide developers and users with improved event logs, but also help build better utilities.
The lumberjack project is hosted as a Fedora project by Red Hat. The project is currently supported by:
The Lumberjack log flow is not very different from the traditional log flow. The main difference is the libumberlog library, which provides the ul_syslog() function, where the programmer can define their own Lumberjack message fields and their content.
Lumberjack consists of applications emitting logs with the ul_syslog() function, the libumberlog library providing ul_syslog(), a syslog implementation supporting Lumberjack (rsyslog, syslog-ng), the ceelog tool and library for filtering and searching logs, and optionally mongoDB as a log store. The following picture shows the typical log message flow in a system with Lumberjack.
In this picture, the log flow begins at the left side, where logs are emitted by applications. To emit logs you can either use the syslog() function as usual, or use the new function ul_syslog(), which is part of the libumberlog library. Here is how to use the ul_syslog() function. Logs are then submitted to syslog. Instructions for rsyslog and syslog-ng configuration are on this wiki. Lumberjack logs can be handled there like any other log messages: syslog can filter them, rate-limit them, transmit them to a central log server, etc. Depending on the syslog configuration, Lumberjack logs are then written to a log file or to mongoDB (these two are the preferred options), or anywhere else the syslog implementation in use supports.
However, log collection is just the first part. The second is checking, parsing and searching the collected logs. You can use the ceelog utility, which is designed specifically for searching and filtering Lumberjack log messages. Here is how to use it.
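To illustrate what searching structured records by field looks like, here is an added example; it is not code from the lumberjack project and not how ceelog is implemented. It assumes each structured record reaches the log file as a JSON object after the "@cee:" cookie used by the CEE syslog transport; the sample lines, field names and function names are constructed for the illustration.

```python
import json

CEE_COOKIE = "@cee:"  # assumption: cookie that marks a JSON payload in a syslog line

# Constructed sample lines: two structured records, one traditional
# free-text message, and one record with a truncated payload.
SAMPLE_LINES = [
    'Mar  3 10:15:01 web1 sshd[812]: @cee:{"msg":"Logged in user: alice",'
    '"service":"sshd","auth-method":"password","sessionid":"17"}',
    'Mar  3 10:15:09 web1 cron[990]: (root) CMD (run-parts /etc/cron.hourly)',
    'Mar  3 10:16:44 web1 sshd[812]: @cee:{"msg":"Logged in user: bob",'
    '"service":"sshd","auth-method":"publickey","sessionid":"18"}',
    'Mar  3 10:17:02 web1 app[120]: @cee:{"msg":"truncated',
]


def parse_record(line):
    """Return the structured fields of a line, or None if it has none."""
    _, cookie, payload = line.partition(CEE_COOKIE)
    if not cookie:
        return None  # traditional syslog() message without structured fields
    try:
        fields = json.loads(payload)
    except json.JSONDecodeError:
        return None  # damaged or truncated payload: do not trust any field
    return fields if isinstance(fields, dict) else None


def search(lines, **wanted):
    """Yield records whose fields equal every key/value pair in `wanted`."""
    for line in lines:
        fields = parse_record(line)
        if fields is not None and all(fields.get(k) == v for k, v in wanted.items()):
            yield fields


def password_logins(lines):
    # "auth-method" is not a valid keyword name, so it is passed via a dict.
    return [r["msg"] for r in search(lines, **{"auth-method": "password"})]


if __name__ == "__main__":
    for msg in password_logins(SAMPLE_LINES):
        print(msg)
```

Matching on a named field rather than on message text means the truncated record and the free-text cron line are skipped instead of being half-matched by a pattern.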
If you are interested in lumberjack, please subscribe to the lumberjack mailing list.
IRC: #lumberjack on freenode
- lumberjack XML Schema; examples XML, JSON
- List of field names with type and description
- A drop-in replacement for syslog.h that provides structured logging support (on GitHub)
- XML Schema development
- git clone git://git.fedorahosted.org/git/lumberjack.git
- Tool and library for receiving, filtering and searching a stream or log of Lumberjack syslog records is available at fedorahosted
Keith Robertson: kroberts@…
Milan Bartos: mbartos@…