napalm-logs is an Open Source cross-vendor normalisation for network syslog messages, following the OpenConfig and IETF YANG models maintained by napalm-automation.
Copy the example configuration in napalm_logs.yaml.example
to /opt/stackstorm/configs/napalm_logs.yaml and edit as required.
It should look like this:
---
server_address: 1.1.1.1
server_port: 49017
auth_address: 1.1.1.1
auth_port: 49018
certificate_file: /opt/stackstorm/configs/napalm-logs.crtPlace your ssl certificate for the napalm-logs server in /opt/stackstorm/configs/napalm-logs.crt or another location and update certificate_file in the config file.
After editing, run sudo st2ctl reload --register-configs to ensure your configuration
is loaded.
Napalm-logs registers a sensor, napalm_logs_client which runs a client that connects to the napalm-logs server. Any and all parsed logs receieved from the server will fire a napalm_logs.log trigger into st2 containing the payload of the log.