shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-09-17 18:24:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

feat: loki syslog

Browse Source
This commit is contained in:
auricom
2021-07-31 12:52:16 +02:00
parent 340e72e943
commit 0373188736
1 changed files with 79 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

133
cluster/apps/monitoring/loki-stack/helm-release.yaml
View File

@@ -51,9 +51,9 @@ spec:
# ingester and querier components.
join_members:
- loki-headless.monitoring.svc.cluster.local.:7946
# max_join_backoff: 1m
# max_join_retries: 10
# min_join_backoff: 1s
# max_join_backoff: 1m
# max_join_retries: 10
# min_join_backoff: 1s
schema_config:
configs:
- from: "2020-10-24"
@@ -96,62 +96,87 @@ spec:
serviceMonitor:
enabled: true
extraScrapeConfigs:
pipeline_stages:
- job_name: pfsense
- job_name: syslog
syslog:
listen_address: 0.0.0.0:1514
idle_timeout: 60s
label_structured_data: false
label_structured_data: true
labels:
job: "syslog"
host: pfsense
relabel_configs:
- source_labels: ["__syslog_message_severity"]
target_label: "severity"
#- source_labels: ['__syslog_message_facility']
# target_label: 'facility'
- source_labels: ["__syslog_message_app_name"]
target_label: "app_name"
pipeline_stages:
- match:
selector: '{app_name="filterlog"}'
stages:
- regex:
expression: '(?P<pfsense_fw_rule>\d*?),(?P<pfsense_fw_subrule>\d*?),(?P<pfsense_fw_anchor>\d*?),(?P<pfsense_fw_tracker>\d*?),(?P<pfsense_fw_interface>igb.{1,5}?),(?P<pfsense_fw_reason>\w*?),(?P<pfsense_fw_action>\w*?),(?P<pfsense_fw_direction>\w*?),(?P<pfsense_fw_ip_version>4{1}?),(?P<pfsense_fw_tos>\w*?),(?P<pfsense_fw_ecn>\w*?),(?P<pfsense_fw_ttl>\w*?),(?P<pfsense_fw_id>\w*?),(?P<pfsense_fw_offset>\w*?),(?P<pfsense_fw_flag>\w*?),(?P<pfsense_fw_protocol_id>\d*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_length>\d*?),(?P<pfsense_fw_source_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_destination_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_source_port>\d+?),(?P<pfsense_fw_destination_port>\d+?),(?P<pfsense_fw_data_length>\d+?)'
# ipv6 // ,(?P<pfsense_fw_ip_version>6{1}?),(?P<pfsense_fw_lass>\w*?),(?P<pfsense_fw_flow_label>\w*?),(?P<pfsense_fw_hop_limit>\w*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_protocol_id>\d*?),
- labels:
pfsense_fw_rule: ""
#pfsense_fw_subrule: ''
#pfsense_fw_anchor: ''
pfsense_fw_tracker: ""
pfsense_fw_interface: ""
pfsense_fw_reason: ""
pfsense_fw_action: ""
pfsense_fw_direction: ""
#pfsense_fw_ip_version: ''
#pfsense_fw_tos: ''
#pfsense_fw_ecn: ''
#pfsense_fw_ttl: ''
#pfsense_fw_id: ''
#pfsense_fw_offset: ''
#pfsense_fw_flag: ''
pfsense_fw_protocol_id: ""
pfsense_fw_protocol_text: ""
#pfsense_fw_length: ''
pfsense_fw_source_address: ""
pfsense_fw_destination_address: ""
pfsense_fw_source_port: ""
pfsense_fw_destination_port: ""
#pfsense_fw_data_length: ''
# - metrics:
# lines_total:
# type: Counter
# description: "pfsense firewall : total number of log lines"
# prefix: pfsense_firewall_
# match_all: true
# count_entry_bytes: true
# config:
# action: add
- source_labels: ['__syslog_connection_ip_address']
target_label: 'ip_address'
- source_labels: ['__syslog_message_severity']
target_label: 'severity'
- source_labels: ['__syslog_message_facility']
target_label: 'facility'
- source_labels: ['__syslog_message_hostname']
target_label: 'host'
- source_labels: ['__syslog_message_app_name']
target_label: 'app'
- source_labels: ['__syslog_message_SRC']
target_label: 'source_ip'
- source_labels: ['__syslog_message_SPT']
target_label: 'source_port'
- source_labels: ['__syslog_message_DPT']
target_label: 'destination_port'
- source_labels: ['__syslog_message_DST']
target_label: 'destination_ip'
pipeline_stages:
# - job_name: pfsense
# syslog:
# listen_address: 0.0.0.0:1514
# idle_timeout: 60s
# label_structured_data: false
# labels:
# job: "syslog"
# host: pfsense
# relabel_configs:
# - source_labels: ["__syslog_message_severity"]
# target_label: "severity"
# #- source_labels: ['__syslog_message_facility']
# # target_label: 'facility'
# - source_labels: ["__syslog_message_app_name"]
# target_label: "app_name"
# pipeline_stages:
# - match:
# selector: '{app_name="filterlog"}'
# stages:
# - regex:
# expression: '(?P<pfsense_fw_rule>\d*?),(?P<pfsense_fw_subrule>\d*?),(?P<pfsense_fw_anchor>\d*?),(?P<pfsense_fw_tracker>\d*?),(?P<pfsense_fw_interface>igb.{1,5}?),(?P<pfsense_fw_reason>\w*?),(?P<pfsense_fw_action>\w*?),(?P<pfsense_fw_direction>\w*?),(?P<pfsense_fw_ip_version>4{1}?),(?P<pfsense_fw_tos>\w*?),(?P<pfsense_fw_ecn>\w*?),(?P<pfsense_fw_ttl>\w*?),(?P<pfsense_fw_id>\w*?),(?P<pfsense_fw_offset>\w*?),(?P<pfsense_fw_flag>\w*?),(?P<pfsense_fw_protocol_id>\d*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_length>\d*?),(?P<pfsense_fw_source_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_destination_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_source_port>\d+?),(?P<pfsense_fw_destination_port>\d+?),(?P<pfsense_fw_data_length>\d+?)'
# # ipv6 // ,(?P<pfsense_fw_ip_version>6{1}?),(?P<pfsense_fw_lass>\w*?),(?P<pfsense_fw_flow_label>\w*?),(?P<pfsense_fw_hop_limit>\w*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_protocol_id>\d*?),
# - labels:
# pfsense_fw_rule: ""
# #pfsense_fw_subrule: ''
# #pfsense_fw_anchor: ''
# pfsense_fw_tracker: ""
# pfsense_fw_interface: ""
# pfsense_fw_reason: ""
# pfsense_fw_action: ""
# pfsense_fw_direction: ""
# #pfsense_fw_ip_version: ''
# #pfsense_fw_tos: ''
# #pfsense_fw_ecn: ''
# #pfsense_fw_ttl: ''
# #pfsense_fw_id: ''
# #pfsense_fw_offset: ''
# #pfsense_fw_flag: ''
# pfsense_fw_protocol_id: ""
# pfsense_fw_protocol_text: ""
# #pfsense_fw_length: ''
# pfsense_fw_source_address: ""
# pfsense_fw_destination_address: ""
# pfsense_fw_source_port: ""
# pfsense_fw_destination_port: ""
# #pfsense_fw_data_length: ''
# # - metrics:
# # lines_total:
# # type: Counter
# # description: "pfsense firewall : total number of log lines"
# # prefix: pfsense_firewall_
# # match_all: true
# # count_entry_bytes: true
# # config:
# # action: add
syslogService:
enabled: true
type: LoadBalancer