{"id":37029876,"url":"https://github.com/palindromicity/simple-syslog-5424","last_synced_at":"2026-01-14T03:36:56.331Z","repository":{"id":53103948,"uuid":"133686536","full_name":"palindromicity/simple-syslog-5424","owner":"palindromicity","description":"A java library for parsing valid RFC 5324 syslog","archived":false,"fork":false,"pushed_at":"2025-05-17T14:32:24.000Z","size":307,"stargazers_count":6,"open_issues_count":0,"forks_count":7,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-05-17T15:30:18.072Z","etag":null,"topics":["antlr4","java-8","syslog","syslog5424"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/palindromicity.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-05-16T15:25:56.000Z","updated_at":"2025-05-17T14:32:25.000Z","dependencies_parsed_at":"2025-05-17T15:24:47.114Z","dependency_job_id":"41bf3000-faac-4d75-adfb-08a138c35287","html_url":"https://github.com/palindromicity/simple-syslog-5424","commit_stats":null,"previous_names":[],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/palindromicity/simple-syslog-5424","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/palindromicity%2Fsimple-syslog-5424","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/palindromicity%2Fsimple-syslog-5424/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/palindromicity%2Fsimple-syslog-5424/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/palindromicity%2Fsimple-syslog-5424/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/palindromicity","download_url":"https://codeload.github.com/palindromicity/simple-syslog-5424/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/palindromicity%2Fsimple-syslog-5424/sbom","scorecard":{"id":718350,"data":{"date":"2025-08-11","repo":{"name":"github.com/palindromicity/simple-syslog-5424","commit":"f929bb2163e44eeb75afb0270495bc72a8bea083"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Code-Review","score":0,"reason":"Found 2/22 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 14 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T10:26:39.220Z","repository_id":53103948,"created_at":"2025-08-22T10:26:39.220Z","updated_at":"2025-08-22T10:26:39.220Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408850,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["antlr4","java-8","syslog","syslog5424"],"created_at":"2026-01-14T03:36:55.422Z","updated_at":"2026-01-14T03:36:56.324Z","avatar_url":"https://github.com/palindromicity.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.org/palindromicity/simple-syslog-5424.svg?branch=master)](https://travis-ci.org/palindromicity/simple-syslog-5424)\n\n### Simple Syslog 5424\n\nA java library for parsing valid Syslog [IETF RFC 5424](https://tools.ietf.org/html/rfc5424) logs.\nThe library provides it's own parser implementation, but also exposes the Antlr generated base classes\nand interfaces should you want your own implemenation.\n\n## Basic Usage\n\nA simple, default usage to parser a Syslog RFC 5424 log line is to build a SyslogParser\nwith the defaults, and pass it the line.\n\n```java\n SyslogParser parser = new SyslogParserBuilder().build();\n Map\u003cString,Object\u003e syslogMap = parser.parseLine(syslogLine);\n\n```\n\nTo parse a number of Syslog lines together, say from a file you would create\na `Reader` and all `parseLines`\n\n```java\n  List\u003cMap\u003cString,Object\u003e\u003e syslogMapList = null;\n  SyslogParser parser = new SyslogParserBuilder().build();\n  try (Reader reader = new BufferedReader(new FileReader(new File(fileName)))) {\n      syslogMapList = parser.parseLines(reader);\n  }\n\n```\n\nBoth `parseLine` and `parseLines` also provide a functional interface if you prefer that style.\nJust pass a `Consumer` to the function.\n\n```java\n SyslogParser parser = new SyslogParserBuilder().build();\n syslogMap = parser.parseLine(syslogLine, (syslogMap) -\u003e {\n   // do something with map\n });\n\n```\n\n```java\n  SyslogParser parser = new SyslogParserBuilder().build();\n  try (Reader reader = new BufferedReader(new FileReader(new File(fileName)))) {\n      parser.parseLines(reader, (map) -\u003e {\n        // do something with each map\n      });\n  }\n\n```\n\n```java\n SyslogParser parser = new SyslogParserBuilder().build();\n  try (Reader reader = new BufferedReader(new FileReader(new File(fileName)))) {\n      parser.parseLines(reader, (map) -\u003e {\n        // do something with each map\n      }, (line, throwable) -\u003e {\n        // do something for a failed line\n      });\n  }\n```\n\n### Options\n\nThe `SyslogParserBuilder` supports options for changing the `AllowableVariations`, the `SyslogSpecifictation` and the `KeyProvider`.\n\n##### AllowableDeviations\n\nAllowable deviations from the RFC 5424 specification. This allows for fields required by the specification, but perhaps\nomitted by convention to be missing, and a line that is by specificiation technically incorrect to still parse.\n\nThis is specificed by an {@code EnumSet}\n\n```java\n/**\n   * Properly formed RFC 5424 Syslog.\n   */\n  NONE,\n  /**\n   * RFC 5424 Syslog that does not have PRIORITY.\n   */\n  PRIORITY,\n  /**\n   * RFC 5424 Syslog that does not have VERSION.\n   */\n  VERSION\n```\n\n##### KeyProvider\n\nA `KeyProvider` is used to provide the map keys for the Syslog data.\nThe default `KeyProvider` : `DefaultKeyProvider` provides keys using the `SyslogKeys`:\n\n```java\n MESSAGE(\"syslog.message\"),\n   HEADER_APPNAME(\"syslog.header.appName\"),\n   HEADER_HOSTNAME(\"syslog.header.hostName\"),\n   HEADER_PRI(\"syslog.header.pri\"),\n   HEADER_PRI_SEVERITY(\"syslog.header.severity\"),\n   HEADER_PRI_FACILITY(\"syslog.header.facility\"),\n   HEADER_PROCID(\"syslog.header.procId\"),\n   HEADER_TIMESTAMP(\"syslog.header.timestamp\"),\n   HEADER_MSGID(\"syslog.header.msgId\"),\n   HEADER_VERSION(\"syslog.header.version\"),\n   STRUCTURED_BASE(\"syslog.structuredData.\"),\n   STRUCTURED_ELEMENT_ID_FMT(\"syslog.structuredData.%s\"),\n   STRUCTURED_ELEMENT_ID_PNAME_FMT(\"syslog.structuredData.%s.%s\"),\n   STRUCTURED_ELEMENT_ID_PNAME_PATTERN(\"syslog.structuredData\\\\.(.*)\\\\.(.*)$\");\n\n```\n\nA custom `KeyProvider` can be supplied to the `SyslogParserBuilder` if there is a different key strategy required.\n\n##### NilPolicy\n\nThe `NilPolicy` governs how the parser handles _nil_ message parts. That is message parts that can be _nil_ as part of a valid message;\n\n- HOSTNAME\n- APPNAME\n- PROCID\n- MSGID\n- TIMESTAMP\n\n###### Policies\n\n- OMIT : The map will not contain an entry for that field\n- NULL : The map will contain a null entry for that field\n- DASH : The map will contain a '-' for that field\n\nThe default policy is `OMIT`.\n\n### Creating your own Parsers\n\nSimple Syslog 5424 uses [Antlr 4](http://www.antlr.org) to generate the `Listener` that the parser is based on.\nThe generated `Rfc5424Listener` and `Rfc5424Visitor` interfaces, or `Rfc5424BaseListener` and `Rfc5424BaseVisitor` classes,\nmay be used to implement new parsers as well in the event that you prefer different handling.\n\nImplementors would then build their own parsers or builders etc. In other words the use of this library would\nminimally be the Antlr classes alone.\n\nFor example you would build a 'parser' that used your implementations, most likely implemented like this:\n\n```java\n    Rfc5424Lexer lexer = new Rfc5424Lexer(new ANTLRInputStream(syslogLine));\n    Rfc5424Parser parser = new Rfc5424Parser(new CommonTokenStream(lexer));\n    Rfc5424Listener listener = new MyCustomListener(keyProvider);\n    parser.addParseListener(listener);\n    Rfc5424Parser.Syslog_msgContext ctx = parser.syslog_msg();\n    return listener.getMyCustomResult();\n```\n\n### Questions\n\n- **_Why not just use [java-grok](https://github.com/thekrakken/java-grok)?_**\n\n  Though I love java-grok (it is used in [Apache Metron](https://metron.apache.org) and [Apache Nifi](https://nifi.apache.org) which I contribute to), and have even\n  submitted PRs to it, it and other Regex based parsers do not handle Syslog 5424 Structured Data. I wanted something\n  that did. I have not found any regex based approach which handles structured data in a single pass. If you find one, let me know!\n\n- **_Why not fix the groks to handle it? Or create regexes outside of grok?_**\n\n  I'm not good enough at regex, and couldn't write something that worked single pass.\n\n- **_Why not write a custom state machine type parser?_**\n\n  I like Antlr and wanted to try it ;)\n\n---\n\n```xml\n\u003cdependency\u003e\n  \u003cgroupId\u003ecom.github.palindromicity\u003c/groupId\u003e\n  \u003cartifactId\u003esimple-syslog-5424\u003c/artifactId\u003e\n  \u003cversion\u003eVERSION\u003c/version\u003e\n  \u003ctype\u003epom\u003c/type\u003e\n\u003c/dependency\u003e\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpalindromicity%2Fsimple-syslog-5424","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpalindromicity%2Fsimple-syslog-5424","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpalindromicity%2Fsimple-syslog-5424/lists"}