config: Add 20 files
All checks were successful
Test and Publish Templates / test-and-publish (push) Successful in 10s
All checks were successful
Test and Publish Templates / test-and-publish (push) Successful in 10s
This commit is contained in:
j
90
graylog-client/scripts/generate-config.sh
Executable file
90
graylog-client/scripts/generate-config.sh
Executable file
@@ -0,0 +1,90 @@
|
||||
#!/bin/bash
|
||||
# Generate Fluent Bit configuration for Graylog
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# Required environment variables
|
||||
: "${CONFIG_PATH:?CONFIG_PATH is required}"
|
||||
: "${GRAYLOG_HOST:?GRAYLOG_HOST is required}"
|
||||
: "${GRAYLOG_PORT:?GRAYLOG_PORT is required}"
|
||||
: "${GRAYLOG_PROTOCOL:=udp}"
|
||||
: "${HOSTNAME:=$(hostname)}"
|
||||
|
||||
# Create parsers.conf
|
||||
cat > "${CONFIG_PATH}/parsers.conf" << 'EOF'
|
||||
[PARSER]
|
||||
Name docker
|
||||
Format json
|
||||
Time_Key time
|
||||
Time_Format %Y-%m-%dT%H:%M:%S.%L
|
||||
Time_Keep On
|
||||
|
||||
[PARSER]
|
||||
Name syslog
|
||||
Format regex
|
||||
Regex ^\<(?<pri>[0-9]+)\>(?<time>[^ ]* {1,2}[^ ]* [^ ]*) (?<host>[^ ]*) (?<ident>[a-zA-Z0-9_\/\.\-]*)(?:\[(?<pid>[0-9]+)\])?(?:[^\:]*\:)? *(?<message>.*)$
|
||||
Time_Key time
|
||||
Time_Format %b %d %H:%M:%S
|
||||
EOF
|
||||
|
||||
# Create fluent-bit.conf
|
||||
cat > "${CONFIG_PATH}/fluent-bit.conf" << EOF
|
||||
[SERVICE]
|
||||
Flush 5
|
||||
Daemon Off
|
||||
Log_Level info
|
||||
Parsers_File parsers.conf
|
||||
|
||||
# Collect Docker container logs
|
||||
[INPUT]
|
||||
Name forward
|
||||
Listen 0.0.0.0
|
||||
Port 24224
|
||||
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag docker.*
|
||||
Path /var/lib/docker/containers/*/*.log
|
||||
Parser docker
|
||||
DB /fluent-bit/etc/docker.db
|
||||
Mem_Buf_Limit 50MB
|
||||
Skip_Long_Lines On
|
||||
Refresh_Interval 10
|
||||
|
||||
# Collect syslog
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag syslog
|
||||
Path /var/log/syslog,/var/log/messages
|
||||
DB /fluent-bit/etc/syslog.db
|
||||
Mem_Buf_Limit 5MB
|
||||
Skip_Long_Lines On
|
||||
Refresh_Interval 10
|
||||
|
||||
# Collect auth logs
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag auth
|
||||
Path /var/log/auth.log,/var/log/secure
|
||||
DB /fluent-bit/etc/auth.db
|
||||
Mem_Buf_Limit 5MB
|
||||
Skip_Long_Lines On
|
||||
Refresh_Interval 10
|
||||
|
||||
# Add hostname to all records
|
||||
[FILTER]
|
||||
Name record_modifier
|
||||
Match *
|
||||
Record hostname ${HOSTNAME}
|
||||
|
||||
# Output to Graylog via GELF
|
||||
[OUTPUT]
|
||||
Name gelf
|
||||
Match *
|
||||
Host ${GRAYLOG_HOST}
|
||||
Port ${GRAYLOG_PORT}
|
||||
Mode ${GRAYLOG_PROTOCOL}
|
||||
Gelf_Short_Message_Key log
|
||||
EOF
|
||||
|
||||
echo "Configuration generated successfully"
|
||||
Reference in New Issue
Block a user