Merge pull request #23 from jmpsec/graylog-fix

Graylog fix and logging test tool
jmpsec · Oct 13, 2019 · 0bad1ed · 0bad1ed
2 parents 876ee06 + df2cfcf
commit 0bad1ed
Show file tree

Hide file tree

Showing 2 changed files with 88 additions and 24 deletions.
diff --git a/plugins/graylog_logging/plugin.go b/plugins/graylog_logging/plugin.go
@@ -42,44 +42,42 @@ func GraylogSend(logType string, data []byte, environment, uuid, url string, deb
 	var logs []interface{}
 	err := json.Unmarshal(data, &logs)
 	if err != nil {
-		log.Printf("error parsing log %s %v", string(data), err)
+		log.Printf("error parsing logs %s %v", string(data), err)
 	}
 	// Prepare data to send
-	var messages []GraylogMessage
 	for _, l := range logs {
-		jsonMessage, err := json.Marshal(l)
+		logMessage, err := json.Marshal(l)
 		if err != nil {
-			log.Printf("Error parsing data %s", err)
+			log.Printf("error parsing log %s", err)
 			continue
 		}
 		messsageData := GraylogMessage{
 			Version:      graylogVersion,
 			Host:         graylogHost,
-			ShortMessage: string(jsonMessage),
+			ShortMessage: string(logMessage),
 			Timestamp:    time.Now().Unix(),
 			Level:        graylogLevel,
 			Environment:  environment,
 			Type:         logType,
 			UUID:         uuid,
 		}
-		messages = append(messages, messsageData)
-	}
-	// Serialize data using GELF
-	jsonMessages, err := json.Marshal(messages)
-	if err != nil {
-		log.Printf("Error parsing data %s", err)
-	}
-	jsonParam := strings.NewReader(string(jsonMessages))
-	if debug {
-		log.Printf("Sending %d bytes to Graylog for %s - %s", len(data), environment, uuid)
-	}
-	// Send log with a POST to the Graylog URL
-	resp, body, err := utils.SendRequest(graylogMethod, url, jsonParam, headers)
-	if err != nil {
-		log.Printf("Error sending request %s", err)
-		return
-	}
-	if debug {
-		log.Printf("Graylog: HTTP %d %s", resp, body)
+		// Serialize data using GELF
+		jsonMessage, err := json.Marshal(messsageData)
+		if err != nil {
+			log.Printf("error marshaling data %s", err)
+		}
+		jsonParam := strings.NewReader(string(jsonMessage))
+		if debug {
+			log.Printf("Sending %d bytes to Graylog for %s - %s", len(data), environment, uuid)
+		}
+		// Send log with a POST to the Graylog URL
+		resp, body, err := utils.SendRequest(graylogMethod, url, jsonParam, headers)
+		if err != nil {
+			log.Printf("error sending request %s", err)
+			return
+		}
+		if debug {
+			log.Printf("Graylog: HTTP %d %s", resp, body)
+		}
 	}
 }
diff --git a/tools/fake_logging.py b/tools/fake_logging.py
@@ -0,0 +1,66 @@
+#!/usr/bin/env python
+# coding=utf-8
+#
+# Script to simulate HTTP logging services (Graylog, Splunk...) for osctrl
+#
+# Usage: python fake_logging.py port
+#
+
+_NAME = "FakeServerLogging"
+_BIND = "0.0.0.0"
+_PARAMS = 2
+
+_UTF = 'utf-8'
+
+import http.server
+import socketserver
+import sys
+import time
+import json
+
+
+class FakeServer(http.server.SimpleHTTPRequestHandler):
+    def _set_headers(self):
+        self.send_response(200)
+        self.send_header('Content-type', 'application/json')
+        self.end_headers()
+
+    def do_GET(self):
+        self._set_headers()
+        self.wfile.write(bytes("{'text':'Success','code':0}", _UTF))
+
+    def do_POST(self):
+        content_length = int(self.headers['Content-Length'])
+        post_data = self.rfile.read(content_length)
+        self._set_headers()
+        self.wfile.write(bytes("{'text':'Success','code':0}", _UTF))
+        print(
+            "-----------------------------------Headers-----------------------------------------"
+        )
+        print(str(self.headers))
+        print(
+            "------------------------------------Body-------------------------------------------"
+        )
+        print(json.dumps(json.loads(post_data.decode(_UTF)), indent=4))
+        print(
+            "-----------------------------------------------------------------------------------"
+        )
+
+
+if __name__ == '__main__':
+    if len(sys.argv) < _PARAMS:
+        print
+        print('Usage: ' + sys.argv[0] + ' port')
+        exit(1)
+
+    _port = int(sys.argv[1])
+
+    httpd = socketserver.TCPServer((_BIND, _port), FakeServer)
+    print(time.asctime(), _NAME + ' UP - %s:%s' % (_BIND, _port))
+
+    try:
+        httpd.serve_forever()
+    except KeyboardInterrupt:
+        pass
+    httpd.server_close()
+    print(time.asctime(), _NAME + ' DOWN - %s:%s' % (_BIND, _port))