Skip to content
/ tailJS Public
forked from messeiry/tailJS

Using nodeJS to tail / Monitor Remote files over ssh Async

Notifications You must be signed in to change notification settings

ahhatem/tailJS

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

tailJS

Developed and Designed by : Mohamed ELMesseiry @ 2016 [email protected]

the code below can read a configuration file that contains a list of log files on remote Linux / Unix Servers. we tail remotely those files and when changes happen we use the configuration in the file to to extract notifications parameters from teh log entries or even set default values for different fields.

The Below is a Sample of a configuration file written in JSON formate { "[email protected]": [ { "fileName": "/var/log/NodeJsTest", "fileDescription": "the first file", "GlobalFilterRegex": ".?", "EventMap": [ { "filterName" : "filter_Error", "filterRegex" : "error", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "default:10.10.10.50", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" }, { "filterName" : "filter_URL", "filterRegex" : "url", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "'(.?)'", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" }, { "filterName" : "filter_Critical", "filterRegex" : "Not Error", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "default:10.10.10.50", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" } ] }, { "fileName": "/var/log/NodeJsTest2", "fileDescription": "the first file", "GlobalFilterRegex": ".?", "EventMap": [ { "filterName" : "filter_Error", "filterRegex" : "error", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "default:10.10.10.50", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" }, { "filterName" : "filter_URL", "filterRegex" : "url", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "'(.?)'", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" }, { "filterName" : "filter_Critical", "filterRegex" : "Not Error", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "default:10.10.10.50", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" } ] } ], "[email protected]": [ { "fileName": "/var/log/NodeJsTest", "fileDescription": "the first file", "GlobalFilterRegex": ".?", "EventMap": [ { "filterName" : "filter_Error", "filterRegex" : "error", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "default:10.10.10.50", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" }, { "filterName" : "filter_URL", "filterRegex" : "url", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "'(.?)'", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" }, { "filterName" : "filter_Critical", "filterRegex" : "Not Error", "timeStampRegex": "default:now", "eventNameRegex": "default:CriticalSymptom", "elementNameRegex": "default:10.10.10.50", "instanceNameRegex": "default:CRM_ApplicationService", "classNameRegex": "default:SoftwareService", "severityRegex": "default:Critical" } ] } ]

}

for each log file there is GlobalFilterRegex which simply will pass only the notifications that pass the RegEx test.

the Keyword Default means the text after default will be taken as athe default value of the field.

if the default keyword is not there the code will parse the input based on the Regex value stated in the configuration file.

Evaluate a recived input from Stdout against the aviable filters. function Evaluatemessage(msg, EventMap, source, childProcessID, serverInProcess) Note: notifications and events will be created only for the first filter that matches, the rest will be ignored.

Sending Traps is by using the below function: function sendSNMPTrap(timeStampValue, eventNameValue,elementNameValue,instanceNameValue,classNameValue,severityValue,source,msg, filterName, serverInProcess)

the below commands can be used for troublshooting: to check the usage of a process : ps -p 3622 -o %cpu,%mem,cmd

to capture the Dump for the SNMP Traps Recieved : [root@Smarts102 ~]# tcpdump -i eth3 -n "dst host 10.10.10.50 and dst port 162"

the recieved trap should loop like this in the tcp dump : 09:15:11.720071 IP 10.10.10.134.56824 > 10.10.10.50.snmptrap: V2Trap(354) .1.3.6.1.2.1.1.3.0=12689 .1.3.6.1.6.3.1.1.4.1.0=.1.3.6.1.4.1.2000.1 .1.3.6.1.2.1.1.0.0.7.1="11/3/2016, 9:15:13 AM" .1.3.6.1.2.1.1.0.0.7.2="CriticalSymptom" .1.3.6.1.2.1.1.0.0.7.3="url1" .1.3.6.1.2.1.1.0.0.7.4="CRM_ApplicationService" .1.3.6.1.2.1.1.0.0.7.5="SoftwareService" .1.3.6.1.2.1.1.0.0.7.6="default" .1.3.6.1.2.1.1.0.0.7.7="/var/log/NodeJsTest" .1.3.6.1.2.1.1.0.0.7.8="playVideo('url1') BREAK playVideo('url2') BREAK playVideo('url3')"

About

Using nodeJS to tail / Monitor Remote files over ssh Async

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 98.1%
  • Shell 1.9%