wiki:WikiStart
Last modified 14 months ago Last modified on 02/18/13 13:32:38

Welcome to Project lumberjack


Overview

lumberjack is an open-source project to update and enhance the event log architecture.

lumberjack aims to improve the creation and standardize the content of event logs by implementing the concepts and specifications proposed by the Common Event Expression (CEE).

The goal is to not only provide developers and users with improved event logs, but also help build better utilities.

The lumberjack project is hosted as a Fedora project by Red Hat. The project is currently supported by:


Lumberjack

Lumberjack log flow is not very different from traditional log flow. The main difference is libumberlog library that provides ul_syslog() function where programmer can define it's own Lumberjack message fields and it's content.
Lumberjack compounds of applications emmiting logs with ul_syslog() function, libumberlog library providing ul_syslog, syslog implementation supporting Lumberjack (rsyslog, syslog-ng), ceelog tool and library for filtering and searching logs and optionally mongoDB as a log store. The following picture shows typical log message flow in system with Lumberjack.

http://mbartos.fedorapeople.org/lumberjack_log_flow.png

In this picture, log flow begin at the left side, where logs are emitted by applications. For log emmiting you can either use syslog() function as usual, or use new libumberlog function called ul_syslog() that is part of libumberlog library. Here is how to use ul_syslog() function. Logs are then submitted to syslog. Instructions for rsyslog and syslog-ng configuration are on this wiki. Lumberjack logs can be handled there as any other log messages. Syslog can filter them, rate-limit or transmit to central log server, etc. According to syslog configuration, lumberjack logs are then written either to log file, mongoDB (those two are prefered options) or anywhere else if used syslog implementation supports it.
However log collection is just first part. The second one is checking, parsing and searching collected logs. You can use ceelog utility that is designed specially for searching and filtering lumberjack log messages. Here is how to use it.


Mailing List

If you are interested in lumberjack, please subscribe to the lumberjack mailing list.


IRC

IRC: #lumberjack on freenode


Contents

Code Repository

libumberlog
A drop-in replacement for syslog.h that provides structured logging support github
XML Schema development
git clone git://git.fedorahosted.org/git/lumberjack.git
ceelog
Tool and library for receiving, filtering and searching a stream or log of Lumberjack syslog records is available at fedorahosted

Maintainer

Keith Robertson: kroberts@…
Milan Bartos: mbartos@…

Attachments