PK KC2u" ! heka-py-cef-latest/searchindex.jsSearch.setIndex({objects:{},terms:{represent:3,all:2,code:2,show:3,thi:[1,2],syslog_prior:[2,3],obtain:2,requestmethod:3,syslog_facil:[2,3],through:2,dirnam:1,value_str:3,follow:[2,3],attemp:2,cs1:3,value_typ:3,"469733c560e4":3,bind:2,layout:[4,3],uuid:3,how:[4,1],holder:2,heka_cef:2,configur:[4,1,2],send:4,better:1,theme:1,"9c43":3,config_plugin:2,mail:2,log_cef:2,local:[1,3],sent:2,cef:[4,2,3],string:3,thei:2,get:3,handl:2,timestamp:3,"__file__":1,auth:2,ident:[2,3],"new":2,mozilla_sphinx_them:1,daemon:2,name:[2,3],authent:2,server:[4,2],kern:[2,3],provid:[4,2],my_funny_app:[2,3],have:2,each:2,debug:2,found:4,metadata:3,where:2,page:4,remov:1,emerg:[2,3],pleas:2,set:2,edt:3,captur:[2,3],some:2,cron:2,syslog:[2,3],see:2,sampl:2,captcha_failur:2,pass:3,syslog_id:[2,3],registri:2,librari:2,out:3,index:4,what:4,said:2,network:2,get_client:2,section:[2,3],though:2,payload:3,written:3,version:1,"import":[1,2],method:2,refer:2,signatur:2,run:2,kei:2,exampl:[2,3],usag:[4,2],here:2,heka_plugin_:2,weav:3,passwd_reset_clr:2,local5:2,path:1,html_theme_path:1,local6:2,local1:2,local0:2,local3:2,"515f":3,src:3,search:4,heka:[4,2,3],context:2,suser:3,router:4,chang:2,user:2,suffix:2,modul:[4,2],pygments_styl:1,mysuperbrows:3,api:[0,4],done:2,been:2,html_theme:1,crit:2,instal:1,local4:2,facil:2,your:[1,2],prioriti:[2,3],from:2,log:[4,2],wai:2,heka_plugin_cef:2,support:2,sep:3,system:2,messag:[4,2,3],avail:2,account_lock:2,includ:[4,3],local7:2,cef_meta:3,care:1,type:3,more:4,field:[2,3],requestclientappl:3,option:2,sandston:1,mozilla:[4,1,3],envvers:3,about:4,notic:2,db90:3,warn:2,part:2,extens:4,sens:2,impati:2,logger:3,must:2,info:2,enjoi:1,none:3,endpoint:4,err:2,"default":2,servic:4,plugin:[4,2],victor:3,air:3,dest:3,record:2,can:[4,2],auth_failur:2,"export":2,similar:2,constant:2,file:[1,2],pid:[2,3],ani:2,indic:4,override_failur:2,strongli:2,raw:2,exist:2,ini:2,conf:1,tabl:4,need:1,cef_plugin:2,sever:3,alwai:2,uucp:2,engin:1,suggest:2,make:2,detail:[4,2,3],cs1label:3,note:2,also:1,valid:2,take:1,you:[1,2],document:[0,1,2,4],complet:[2,3],hostnam:3,normal:2,usernam:2,after:2,local2:2,alert:2,impot:2,facilti:3,okai:1,plan:4,mai:1,multipl:2,macbook:3,demonstr:2,sphinx:1,read:4,doc:4,request:[2,3],lpr:2,without:2,inform:4,client:2,environ:2,allow:2,hekad:[2,3],tast:1},objtypes:{},titles:["API documentation","Mozilla sphinx’s theme","Configuration","Detailed message layout","heka-py-cef"],objnames:{},filenames:["api/cef_plugin","_themes/mozilla/README","config","msg_layout","index"]})PK KCbV heka-py-cef-latest/search.html
Please activate JavaScript to enable the search functionality.
From here you can search these documents. Enter your search words into the box below and click "search". Note that the search function will automatically search for all of the words. Pages containing fewer words won't appear in the result list.
Configuration is normally handled through Heka’s configuration system using INI configuration files. A CEF plugin must use the heka_cef.cef_plugin:config_plugin as the provider of the plugin. The suffix of the configuration section name is used to set the method name on the Heka client. Any part after heka_plugin_ will be used as the method name.
In the following example, we will bind a method cef into the Heka client where we will allow network messages to be sent to the Heka server.
[heka_plugin_cef]
provider=heka_cef.cef_plugin:config_plugin
The CEF plugin provides some optional configuration settings for setting the syslog facility, syslog ident and syslog priority.
By default, the syslog facility will be set to LOCAL4.
Valid facility settings are :
- KERN
- USER
- DAEMON
- AUTH
- LPR
- NEWS
- UUCP
- CRON
- LOCAL0
- LOCAL1
- LOCAL2
- LOCAL3
- LOCAL4
- LOCAL5
- LOCAL6
- LOCAL7
Valid priority settings are :
- EMERG
- ALERT
- CRIT
- ERR
- WARNING
- NOTICE
- INFO
- DEBUG
Syslog options are not supported as they do not make sense in the context of running a hekad daemon. The PID is always captured in a Heka message in the PID field.
Here is one sample configuration demonstrating using all available configuration keys
[heka_plugin_cef]
provider=heka_cef.cef_plugin:config_plugin
syslog_facility=KERN
syslog_ident=my_funny_app
syslog_priority=EMERG
Obtaining a client can be done in multiple ways, please refer to the heka documentation for complete details.
That said, if you are impatient you can obtain a client using get_client. We strongly suggest you do not do this though.
from heka.holder import get_client
Logging CEF records is similar to using the raw CEF library. Constants from the cef library have been exported in the heka_cef module.
For existing code that uses the cef library, you will use the cef method of the heka client. Your code will change from this
from cef import log_cef, AUTH_FAILURE
...
log_cef("Authentication attemped without username", 5,
request.environ, request.registry.settings,
"", signature=AUTH_FAILURE)
to this
from heka.holder impot get_client
import heka_cef
...
client = get_client('heka_cef')
client.cef("Authentication attemped without username", 5,
request.environ, request.registry.settings,
"", signature=heka_cef.AUTH_FAILURE)
Note that the CEF plugin has exported important constants into the heka_cef module.
Constants exported are:
See the cef library for details on each of the constants.
heka-py-cef is a plugin extension for heka-py. heka-py-cef provides an extension to log send CEF messages to a heka server.
More information about how Mozilla Services is using heka (including what is being used for a router and what endpoints are in use / planning to be used) can be found on the Read The Docs page.
A complete CEF message is written out into the payload section of the heka message.
CEF metadata including syslog priority, syslog ident, and syslog facilty are passed as string fields in the Heka message.
The following shows a capture of an example CEF message being captured by hekad.
2013/09/23 12:15:09 <
Timestamp: 2013-09-23 12:15:09.134116864 -0400 EDT
Type: cef
Hostname: Victors-MacBook-Air.local
Pid: 80776
UUID: 95833933-db90-515f-9c43-469733c560e4
Logger:
Payload: Sep 23 12:15:09 Victors-MacBook-Air.local CEF:0|mozilla|weave|3|xx\|x|xx\|x|5|cs1Label=requestClientApplication cs1=MySuperBrowser requestMethod=GET request=/ src=127.0.0.1 dest=127.0.0.1 suser=none
EnvVersion: 0.8
Severity: 6
Fields: [name:"cef_meta.syslog_priority" value_type:STRING representation:"" value_string:"EMERG"
name:"cef_meta.syslog_ident" value_type:STRING representation:"" value_string:"my_funny_app"
name:"cef_meta.syslog_facility" value_type:STRING representation:"" value_string:"KERN"]