--- apiVersion: apps/v1 kind: Deployment metadata: name: syslog-ng namespace: monitoring labels: app.kubernetes.io/instance: syslog-ng app.kubernetes.io/name: syslog-ng annotations: fluxcd.io/ignored: "false" fluxcd.io/automated: "true" fluxcd.io/tag.syslog-ng: semver:* spec: replicas: 1 selector: matchLabels: app.kubernetes.io/instance: syslog-ng app.kubernetes.io/name: syslog-ng template: metadata: labels: app.kubernetes.io/instance: syslog-ng app.kubernetes.io/name: syslog-ng spec: containers: - image: balabit/syslog-ng:3.29.1 imagePullPolicy: Always name: syslog-ng # securityContext: # capabilities: # drop: # - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true # runAsUser: 1001 ports: - containerPort: 514 name: pfsense-syslog volumeMounts: - name: config mountPath: /etc/syslog-ng/syslog-ng.conf subPath: syslog-ng.conf livenessProbe: exec: command: - cat volumes: - name: config configMap: name: syslog-ng-config dnsConfig: options: - name: ndots value: "1" --- apiVersion: v1 kind: ConfigMap metadata: name: syslog-ng-config namespace: monitoring data: syslog-ng.conf: | @version: 3.27 source pfsense { udp(ip(0.0.0.0) port(514) flags(no-hostname)); }; destination loki_syslog { syslog("loki-promtail-syslog" transport("tcp") port(1514)); }; log { source(pfsense); destination(loki_syslog); }; --- apiVersion: v1 kind: Service metadata: #annotations: # prometheus.io/probe: "true" # prometheus.io/protocol: tcp labels: app.kubernetes.io/instance: syslog-ng app.kubernetes.io/name: syslog-ng name: syslog-ng namespace: monitoring spec: ports: - name: pfsense-syslog port: 514 protocol: UDP targetPort: 514 selector: app.kubernetes.io/instance: syslog-ng app.kubernetes.io/name: syslog-ng type: LoadBalancer loadBalancerIP: 192.168.9.202