--- apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: loki-stack namespace: monitoring spec: interval: 5m chart: spec: # renovate: registryUrl=https://grafana.github.io/loki/charts chart: loki-stack version: 2.1.2 sourceRef: kind: HelmRepository name: grafana-loki-charts namespace: flux-system interval: 5m values: loki: replicas: 3 persistence: enabled: false config: auth_enabled: false server: http_listen_port: 3100 distributor: ring: kvstore: store: memberlist ingester: lifecycler: ring: kvstore: store: memberlist replication_factor: 1 final_sleep: 0s chunk_idle_period: 5m chunk_retain_period: 30s memberlist: abort_if_cluster_join_fails: false # Expose this port on all distributor, ingester # and querier replicas. bind_port: 7946 # You can use a headless k8s service for all distributor, # ingester and querier components. join_members: - loki-stack-headless:7946 # max_join_backoff: 1m # max_join_retries: 10 # min_join_backoff: 1s schema_config: configs: - from: 2020-05-15 store: boltdb-shipper object_store: s3 schema: v11 index: prefix: index_ period: 24h storage_config: boltdb_shipper: active_index_directory: /data/loki/index cache_location: /data/loki/index_cache resync_interval: 5s shared_store: s3 limits_config: enforce_metric_name: false reject_old_samples: true reject_old_samples_max_age: 168h extraPorts: - port: 7956 protocol: TCP name: loki-gossip-ring targetPort: 7946 serviceMonitor: enabled: true podAnnotations: prometheus.io/scrape: "true" prometheus.io/port: "http-metrics" promtail: serviceMonitor: enabled: true extraScrapeConfigs: pipeline_stages: - job_name: pfsense syslog: listen_address: 0.0.0.0:1514 idle_timeout: 60s label_structured_data: false labels: job: "syslog" host: pfsense relabel_configs: - source_labels: ["__syslog_message_severity"] target_label: "severity" #- source_labels: ['__syslog_message_facility'] # target_label: 'facility' - source_labels: ["__syslog_message_app_name"] target_label: "app_name" pipeline_stages: - match: selector: '{app_name="filterlog"}' stages: - regex: expression: '(?P\d*?),(?P\d*?),(?P\d*?),(?P\d*?),(?Pigb.{1,5}?),(?P\w*?),(?P\w*?),(?P\w*?),(?P4{1}?),(?P\w*?),(?P\w*?),(?P\w*?),(?P\w*?),(?P\w*?),(?P\w*?),(?P\d*?),(?P\w*?),(?P\d*?),(?P\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}?),(?P\d+?),(?P\d+?),(?P\d+?)' # ipv6 // ,(?P6{1}?),(?P\w*?),(?P\w*?),(?P\w*?),(?P\w*?),(?P\d*?), - labels: pfsense_fw_rule: "" #pfsense_fw_subrule: '' #pfsense_fw_anchor: '' pfsense_fw_tracker: "" pfsense_fw_interface: "" pfsense_fw_reason: "" pfsense_fw_action: "" pfsense_fw_direction: "" #pfsense_fw_ip_version: '' #pfsense_fw_tos: '' #pfsense_fw_ecn: '' #pfsense_fw_ttl: '' #pfsense_fw_id: '' #pfsense_fw_offset: '' #pfsense_fw_flag: '' pfsense_fw_protocol_id: "" pfsense_fw_protocol_text: "" #pfsense_fw_length: '' pfsense_fw_source_address: "" pfsense_fw_destination_address: "" pfsense_fw_source_port: "" pfsense_fw_destination_port: "" #pfsense_fw_data_length: '' # - metrics: # lines_total: # type: Counter # description: "pfsense firewall : total number of log lines" # prefix: pfsense_firewall_ # match_all: true # count_entry_bytes: true # config: # action: add syslogService: enabled: true type: LoadBalancer port: 1514 loadBalancerIP: 192.168.9.208 valuesFrom: - kind: ConfigMap name: helmrelease-monitoring-loki-stack