mirror of
https://github.com/auricom/home-cluster.git
synced 2025-09-17 18:24:14 +02:00
feat: loki syslog
This commit is contained in:
auricom
@@ -51,9 +51,9 @@ spec:
|
|||||||
# ingester and querier components.
|
# ingester and querier components.
|
||||||
join_members:
|
join_members:
|
||||||
- loki-headless.monitoring.svc.cluster.local.:7946
|
- loki-headless.monitoring.svc.cluster.local.:7946
|
||||||
# max_join_backoff: 1m
|
# max_join_backoff: 1m
|
||||||
# max_join_retries: 10
|
# max_join_retries: 10
|
||||||
# min_join_backoff: 1s
|
# min_join_backoff: 1s
|
||||||
schema_config:
|
schema_config:
|
||||||
configs:
|
configs:
|
||||||
- from: "2020-10-24"
|
- from: "2020-10-24"
|
||||||
@@ -96,62 +96,87 @@ spec:
|
|||||||
serviceMonitor:
|
serviceMonitor:
|
||||||
enabled: true
|
enabled: true
|
||||||
extraScrapeConfigs:
|
extraScrapeConfigs:
|
||||||
pipeline_stages:
|
- job_name: syslog
|
||||||
- job_name: pfsense
|
|
||||||
syslog:
|
syslog:
|
||||||
listen_address: 0.0.0.0:1514
|
listen_address: 0.0.0.0:1514
|
||||||
idle_timeout: 60s
|
label_structured_data: true
|
||||||
label_structured_data: false
|
|
||||||
labels:
|
labels:
|
||||||
job: "syslog"
|
job: "syslog"
|
||||||
host: pfsense
|
|
||||||
relabel_configs:
|
relabel_configs:
|
||||||
- source_labels: ["__syslog_message_severity"]
|
- source_labels: ['__syslog_connection_ip_address']
|
||||||
target_label: "severity"
|
target_label: 'ip_address'
|
||||||
#- source_labels: ['__syslog_message_facility']
|
- source_labels: ['__syslog_message_severity']
|
||||||
# target_label: 'facility'
|
target_label: 'severity'
|
||||||
- source_labels: ["__syslog_message_app_name"]
|
- source_labels: ['__syslog_message_facility']
|
||||||
target_label: "app_name"
|
target_label: 'facility'
|
||||||
pipeline_stages:
|
- source_labels: ['__syslog_message_hostname']
|
||||||
- match:
|
target_label: 'host'
|
||||||
selector: '{app_name="filterlog"}'
|
- source_labels: ['__syslog_message_app_name']
|
||||||
stages:
|
target_label: 'app'
|
||||||
- regex:
|
- source_labels: ['__syslog_message_SRC']
|
||||||
expression: '(?P<pfsense_fw_rule>\d*?),(?P<pfsense_fw_subrule>\d*?),(?P<pfsense_fw_anchor>\d*?),(?P<pfsense_fw_tracker>\d*?),(?P<pfsense_fw_interface>igb.{1,5}?),(?P<pfsense_fw_reason>\w*?),(?P<pfsense_fw_action>\w*?),(?P<pfsense_fw_direction>\w*?),(?P<pfsense_fw_ip_version>4{1}?),(?P<pfsense_fw_tos>\w*?),(?P<pfsense_fw_ecn>\w*?),(?P<pfsense_fw_ttl>\w*?),(?P<pfsense_fw_id>\w*?),(?P<pfsense_fw_offset>\w*?),(?P<pfsense_fw_flag>\w*?),(?P<pfsense_fw_protocol_id>\d*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_length>\d*?),(?P<pfsense_fw_source_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_destination_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_source_port>\d+?),(?P<pfsense_fw_destination_port>\d+?),(?P<pfsense_fw_data_length>\d+?)'
|
target_label: 'source_ip'
|
||||||
# ipv6 // ,(?P<pfsense_fw_ip_version>6{1}?),(?P<pfsense_fw_lass>\w*?),(?P<pfsense_fw_flow_label>\w*?),(?P<pfsense_fw_hop_limit>\w*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_protocol_id>\d*?),
|
- source_labels: ['__syslog_message_SPT']
|
||||||
- labels:
|
target_label: 'source_port'
|
||||||
pfsense_fw_rule: ""
|
- source_labels: ['__syslog_message_DPT']
|
||||||
#pfsense_fw_subrule: ''
|
target_label: 'destination_port'
|
||||||
#pfsense_fw_anchor: ''
|
- source_labels: ['__syslog_message_DST']
|
||||||
pfsense_fw_tracker: ""
|
target_label: 'destination_ip'
|
||||||
pfsense_fw_interface: ""
|
pipeline_stages:
|
||||||
pfsense_fw_reason: ""
|
# - job_name: pfsense
|
||||||
pfsense_fw_action: ""
|
# syslog:
|
||||||
pfsense_fw_direction: ""
|
# listen_address: 0.0.0.0:1514
|
||||||
#pfsense_fw_ip_version: ''
|
# idle_timeout: 60s
|
||||||
#pfsense_fw_tos: ''
|
# label_structured_data: false
|
||||||
#pfsense_fw_ecn: ''
|
# labels:
|
||||||
#pfsense_fw_ttl: ''
|
# job: "syslog"
|
||||||
#pfsense_fw_id: ''
|
# host: pfsense
|
||||||
#pfsense_fw_offset: ''
|
# relabel_configs:
|
||||||
#pfsense_fw_flag: ''
|
# - source_labels: ["__syslog_message_severity"]
|
||||||
pfsense_fw_protocol_id: ""
|
# target_label: "severity"
|
||||||
pfsense_fw_protocol_text: ""
|
# #- source_labels: ['__syslog_message_facility']
|
||||||
#pfsense_fw_length: ''
|
# # target_label: 'facility'
|
||||||
pfsense_fw_source_address: ""
|
# - source_labels: ["__syslog_message_app_name"]
|
||||||
pfsense_fw_destination_address: ""
|
# target_label: "app_name"
|
||||||
pfsense_fw_source_port: ""
|
# pipeline_stages:
|
||||||
pfsense_fw_destination_port: ""
|
# - match:
|
||||||
#pfsense_fw_data_length: ''
|
# selector: '{app_name="filterlog"}'
|
||||||
# - metrics:
|
# stages:
|
||||||
# lines_total:
|
# - regex:
|
||||||
# type: Counter
|
# expression: '(?P<pfsense_fw_rule>\d*?),(?P<pfsense_fw_subrule>\d*?),(?P<pfsense_fw_anchor>\d*?),(?P<pfsense_fw_tracker>\d*?),(?P<pfsense_fw_interface>igb.{1,5}?),(?P<pfsense_fw_reason>\w*?),(?P<pfsense_fw_action>\w*?),(?P<pfsense_fw_direction>\w*?),(?P<pfsense_fw_ip_version>4{1}?),(?P<pfsense_fw_tos>\w*?),(?P<pfsense_fw_ecn>\w*?),(?P<pfsense_fw_ttl>\w*?),(?P<pfsense_fw_id>\w*?),(?P<pfsense_fw_offset>\w*?),(?P<pfsense_fw_flag>\w*?),(?P<pfsense_fw_protocol_id>\d*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_length>\d*?),(?P<pfsense_fw_source_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_destination_address>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P<pfsense_fw_source_port>\d+?),(?P<pfsense_fw_destination_port>\d+?),(?P<pfsense_fw_data_length>\d+?)'
|
||||||
# description: "pfsense firewall : total number of log lines"
|
# # ipv6 // ,(?P<pfsense_fw_ip_version>6{1}?),(?P<pfsense_fw_lass>\w*?),(?P<pfsense_fw_flow_label>\w*?),(?P<pfsense_fw_hop_limit>\w*?),(?P<pfsense_fw_protocol_text>\w*?),(?P<pfsense_fw_protocol_id>\d*?),
|
||||||
# prefix: pfsense_firewall_
|
# - labels:
|
||||||
# match_all: true
|
# pfsense_fw_rule: ""
|
||||||
# count_entry_bytes: true
|
# #pfsense_fw_subrule: ''
|
||||||
# config:
|
# #pfsense_fw_anchor: ''
|
||||||
# action: add
|
# pfsense_fw_tracker: ""
|
||||||
|
# pfsense_fw_interface: ""
|
||||||
|
# pfsense_fw_reason: ""
|
||||||
|
# pfsense_fw_action: ""
|
||||||
|
# pfsense_fw_direction: ""
|
||||||
|
# #pfsense_fw_ip_version: ''
|
||||||
|
# #pfsense_fw_tos: ''
|
||||||
|
# #pfsense_fw_ecn: ''
|
||||||
|
# #pfsense_fw_ttl: ''
|
||||||
|
# #pfsense_fw_id: ''
|
||||||
|
# #pfsense_fw_offset: ''
|
||||||
|
# #pfsense_fw_flag: ''
|
||||||
|
# pfsense_fw_protocol_id: ""
|
||||||
|
# pfsense_fw_protocol_text: ""
|
||||||
|
# #pfsense_fw_length: ''
|
||||||
|
# pfsense_fw_source_address: ""
|
||||||
|
# pfsense_fw_destination_address: ""
|
||||||
|
# pfsense_fw_source_port: ""
|
||||||
|
# pfsense_fw_destination_port: ""
|
||||||
|
# #pfsense_fw_data_length: ''
|
||||||
|
# # - metrics:
|
||||||
|
# # lines_total:
|
||||||
|
# # type: Counter
|
||||||
|
# # description: "pfsense firewall : total number of log lines"
|
||||||
|
# # prefix: pfsense_firewall_
|
||||||
|
# # match_all: true
|
||||||
|
# # count_entry_bytes: true
|
||||||
|
# # config:
|
||||||
|
# # action: add
|
||||||
syslogService:
|
syslogService:
|
||||||
enabled: true
|
enabled: true
|
||||||
type: LoadBalancer
|
type: LoadBalancer
|
||||||
|
|||||||
Reference in New Issue
Block a user