nixos-config/terranix/graylog/config/sshd.nix

37 lines
833 B
Nix
Raw Normal View History

2019-10-24 02:20:38 +02:00
# filters sshd messages
{
resource."graylog_pipeline_rule" = {
routeToSshdMessage = {
description = "route sshd messages to sshd stream (TF)";
source = ''
rule "route sshd message"
when
to_string($message.facility) == "sshd"
then
route_to_stream(id:"''${ graylog_stream.sshd.id }", remove_from_default: true);
end
'';
};
};
graylog.all_messages.rules = ["route sshd message"];
graylog.stream.sshd = {
index_set_id = "\${data.graylog_index_set.default.id}";
#pipelines = [ "\${graylog_pipeline.processSshdMessage.id}" ];
};
#graylog.pipeline.processSshdMessage = {
# source = ''
# stage 0 match all
# rule "mark and route sshd junk";
# '';
# description = "process messages of the sshd stream(TF)";
#};
}