Dear developers, contributors, users, etc.
Pedro Reis (@pedromreis) opened a pull request for an UDP output
bot, which can be used to send events to a syslog daemon (and then
picked up by further processing software).
The implementation has the following features:
- Output formats are JSON or delimited by a configurable
character
- a optional header (at beginning of the line) can be set
- `raw` field can be dropped
I can see some potential problems with the 'delimited'-method
here:
- Strings can contain the delimiter itself, which breaks
parsing.
- Strings can contain arbitrary characters like \0 or \n which
breaks everything
Possible solutions could be:
- ignore the problem as it's maybe not relevant
- escape all problematic characters (solves problem with \n)
- quote strings (solves problem with delimiters in strings)
- strip non-printable characters
- drop fields with non-printable characters
- encode strings in base64
As you may have possible applications for this bot or you have
experience with events in syslog, I would appreciate some feedback
from you.
Sebastian
--
// Sebastian Wagner <wagner@cert.at> - T: +43 1 50564167201
// CERT Austria - http://www.cert.at/
// Eine Initiative der nic.at GmbH - http://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg