feat: Syslog input plugin logs remote IP to source tag

[thepacketgeek]

Required for all PRs:

• Updated associated README.md.
• Wrote appropriate unit tests.

resolves #4762

Add remote IP of syslog sender as source tag

This diff adds capturing of the remote IP Address (syslog sender) and adds it as a source tag for each Metric:

$ telegraf --test --config /etc/telegraf/telegraf.conf --input-filter syslog --test-wait 15
2021-06-25T17:55:06Z I! Starting Telegraf 
> syslog,appname=docker-compose,facility=daemon,host=bb8,hostname=droplet,location=home,severity=info,source=10.0.0.12 facility_code=3i,message="<redacted>",severity_code=6i,timestamp=1624643706396113000i,version=1i 1624643706400667198
> syslog,appname=tailscaled,facility=daemon,host=bb8,hostname=dev,location=home,severity=info,source=10.0.0.15 facility_code=3i,message="<redacted>",severity_code=6i,timestamp=1624643706403394000i,version=1i 1624643706407850408

[thepacketgeek]

Testing with provided artifacts: Gist of syslog messages with source tags

I'm planning on rebasing this PR after #8454 is merged

[telegraf-tiger]

Looks like new artifacts were built from this PR. Get them here!

Artifact URLs

• x86_64.rpm

• freebsd_amd64.tar.gz

• linux_amd64.tar.gz

• amd64.deb

• linux_mips.tar.gz

• mips.deb

• s390x.rpm

• linux_s390x.tar.gz

• s390x.deb

• armel.rpm

• linux_armel.tar.gz

• armel.deb

• linux_i386.tar.gzi386.rpm

• freebsd_i386.tar.gz

• i386.deb

• armv6hl.rpm

• freebsd_armv7.tar.gz

• linux_armhf.tar.gz

• armhf.deb

• aarch64.rpm

• linux_arm64.tar.gz

• arm64.deb

• static_linux_amd64.tar.gz

• ppc64le.rpm

• linux_ppc64le.tar.gz

• ppc64el.deb

• linux_mipsel.tar.gz

• mipsel.deb

• windows_amd64.zip

• windows_i386.zip

• darwin_amd64.tar.gz

[sspaink]

@thepacketgeek #8454 has been merged, do you have time to rebase this PR now? Thank you!

[thepacketgeek]

@thepacketgeek #8454 has been merged, do you have time to rebase this PR now? Thank you!

Yup! I should be able to later this week 👍🏻👍🏻

[srebhan]

Thanks for the PR @thepacketgeek! The code looks good, I only have one suggestion regarding the tests to centralize the source tag setting instead of doing it in the metric definition.

[thepacketgeek]

ci/circleci: test-go-mac test failure seems unrelated:

...
✓  plugins/inputs/syslog (2.105s) (coverage: 90.8% of statements)
...
client: writting packet 4
    graylog_test.go:197: 
        	Error Trace:	graylog_test.go:197
        	Error:      	Received unexpected error:
        	            	error writing message: "{\"_name\":\"test1\",\"_tag1\":\"value1\",\"_value\":1,\"host\":\"static.38.39.177.83.cyberlynk.net\",\"short_message\":\"telegraf\",\"timestamp\":1257894000,\"version\":\"1.1\"}", write tcp 127.0.0.1:50582->127.0.0.1:50581: write: broken pipe
        	Test:       	TestWriteTCP/TLS

[srebhan]

Looks good to me. Thanks for your effort @thepacketgeek!

[telegraf-tiger]

Download PR build artifacts for linux_amd64.tar.gz, darwin_amd64.tar.gz, and windows_amd64.zip.
Downloads for additional architectures and packages are available below.

☺️ This pull request doesn't significantly change the Telegraf binary size (less than 1%)

📦 Click here to get additional PR build artifacts

Artifact URLs

DEB	RPM	TAR GZ	ZIP
amd64.deb	aarch64.rpm	darwin_amd64.tar.gz	windows_amd64.zip
arm64.deb	armel.rpm	darwin_arm64.tar.gz	windows_i386.zip
armel.deb	armv6hl.rpm	freebsd_amd64.tar.gz
armhf.deb	i386.rpm	freebsd_armv7.tar.gz
i386.deb	ppc64le.rpm	freebsd_i386.tar.gz
mips.deb	riscv64.rpm	linux_amd64.tar.gz
mipsel.deb	s390x.rpm	linux_arm64.tar.gz
ppc64el.deb	x86_64.rpm	linux_armel.tar.gz
riscv64.deb		linux_armhf.tar.gz
s390x.deb		linux_i386.tar.gz
		linux_mips.tar.gz
		linux_mipsel.tar.gz
		linux_ppc64le.tar.gz
		linux_riscv64.tar.gz
		linux_s390x.tar.gz
		static_linux_amd64.tar.gz