[syslog-ng] [ANN]: balabit.logstore 0.1.0 - Open Source LogStore reader API

Gergely Nagy algernon at balabit.hu
Sat Dec 15 18:40:41 CET 2012

PACKAGE   : com.balabit/logstore
VERSION   : 0.1.0
SUMMARY   : Rewritten from scratch, now includes simple Java API
DATE      : 2012 December 15
HOMEPAGE  : http://algernon.github.com/balabit.logstore


  The balabit.logstore project is a library written in Clojure, that
  tries to provide a convenient API to read syslog-ng PE LogStore files.

  The reason behind the implementation is to have an independent, open
  source reader for the LogStore file format, so that one is not tied to
  syslog-ng to read one's logs stored in this format. An open
  implementation makes it possible to read these logs on systems where
  syslog-ng is not installed, or where the lgstool program is not

  LogStore itself is a storage format for log messages, supporting
  encryption, compression, secure timestamps, serialized messages (think
  name-value pairs as opposed to just a plain, formatted string) and a
  lot more. This format is being opened, and this library is meant to
  provide an implenetation for a LogStore reader, that will eventually
  support reading all kinds of LogStore files.

  This release is a complete rewrite of an earlier attempt, and this
  time, it comes with a simple Java API.



  (ns example
    (:require [balabit.logstore.sweet :as logstore]))

  (prn (logstore/messages (logstore/from-file "/path/to/logstore/messages.store")))


  import BalaBit.LogStore;
  import clojure.lang.LazySeq;
  import clojure.lang.Keyword;
  import java.util.Map;

  public class LGSCat {
    public static void main(String[] args) {
      Keyword k = BalaBit.LogStore.keyword("MESSAGE");
      Object o = BalaBit.LogStore.fromFile (args[0]);
      LazySeq s = (LazySeq) BalaBit.LogStore.messages (o);

      for (Object m : s.toArray()) {
        Map msg = (Map) m;

 More examples can be found bundled with the sources, and as part of
 the documentation:


  The library - while still experimental - can read most unencrypted
  LogStores, created by syslog-ng PE 4.0 or any later version, and the
  messages stored within can be explored.

  It comes with a test suite and quite a few examples.


  The library is very simple right now, the error handling is pretty
  much non-existent, and it does not perform any kind of validation. The
  Java API is very thin, and exposes far more Clojure-isms than it
  ideally should, this will be improved upon in the future.

  Once things stabilized a bit, we plan to publish ready to use JAR
  files that can be used from any Java or Clojure project.


  The source is available from the git repository at github:

  Documentation and more information about the library is available on
  its homepage at http://algernon.github.com/balabit.logstore/.


More information about the syslog-ng mailing list