syslog 协议及其在 SysLogHandler 中的使用

syslog：syslog 是一种主从式协议，通常发送给 syslogd，syslog daemon，syslog服务器等，通常用于信息系统管理及信息安全审核，它使用UDP协议作为它的传输层协议，其默认使用UDP端口514

介绍参考： https://www.jiankongyi.com/q/?/article/159

1. 编写如下python代码

#!/usr/bin/python2
# coding=utf-8
import sys
import socket
import logging
from logging.handlers import SysLogHandler


def send(msg):
	server = '127.0.0.1'
	port = '514'
	protocol = 'udp'
	data_stream = socket.SOCK_DGRAM
	if protocol == 'tcp':
		data_stream = socket.SOCK_STREAM

	formatter = logging.Formatter('%(asctime)s '+socket.gethostname()+' %(levelname)s %(message)s', '%b %d %H:%M:%S')
	logger = logging.getLogger('cnlogger')
	syslog = SysLogHandler(address=(server, int(port)), socktype=data_stream)
	syslog.setFormatter(formatter)
	logger.addHandler(syslog)
	logger.setLevel('INFO')
	try:
		# logger.info(msg.decode('utf-8', 'ignore').encode('gb2312'))  # )
		logger.info(msg)
	except Exception as e:
		print(e)
	finally:
		logger.removeHandler(syslog)
		syslog.close()


if __name__ == '__main__':
	send('hello world.')

　　

2. 通过 wireshark或者3cdaemon工具作为 syslog服务器，即可捕获到发送的消息