nixos-config/terranix/graylog/journald.nix

with builtins; {

  resource = {

    graylog_input.journald = {
      title = "test journald";
      # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
      type = "org.graylog2.inputs.gelf.udp.GELFUDPInput";
      global = true;
      attributes = toJSON ({
        bind_address = "0.0.0.0";
        decompress_size_limit = 8388608;
        number_worker_threads = 2;
        port = 12211; # todo
        recv_buffer_size = 262144;
      });
    };

    # todo create stream

    graylog_input_static_fields.journald = {
      input_id = "\${graylog_input.journald.id}";
      fields = { from_systemd = true; };
    };

    graylog_pipeline.systemd_loglevel_fix.source = ''
      pipeline "journald : log level fix"
        stage 0 match either
          rule "journald : lookup log level"
        stage 1 match either
          rule "journald : replace log level"
      end
    '';

    graylog_pipeline_rule = {
      lookup.source = ''
        rule "journald : lookup log level"
        when
          has_field("level")
        then
          let lookup = lookup_value("systemd-log-level-reverse",$message.level);
          set_field("level_fix",lookup);
        end
      '';
      replace.source = ''
        rule "journald : replace log level"
        when
          has_field("level_fix")
        then
          set_field("level",$message.level_fix);
        end
      '';

    };
  };

}
update graylog terranix setup 2021-07-14 12:12:36 +02:00			`with builtins; {`

			`resource = {`

			`graylog_input.journald = {`
			`title = "test journald";`
			`# https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html`
			`type = "org.graylog2.inputs.gelf.udp.GELFUDPInput";`
			`global = true;`
			`attributes = toJSON ({`
			`bind_address = "0.0.0.0";`
			`decompress_size_limit = 8388608;`
			`number_worker_threads = 2;`
			`port = 12211; # todo`
			`recv_buffer_size = 262144;`
			`});`
			`};`

			`# todo create stream`

			`graylog_input_static_fields.journald = {`
			`input_id = "\${graylog_input.journald.id}";`
			`fields = { from_systemd = true; };`
			`};`

			`graylog_pipeline.systemd_loglevel_fix.source = ''`
			`pipeline "journald : log level fix"`
			`stage 0 match either`
			`rule "journald : lookup log level"`
			`stage 1 match either`
			`rule "journald : replace log level"`
			`end`
			`'';`

			`graylog_pipeline_rule = {`
			`lookup.source = ''`
			`rule "journald : lookup log level"`
			`when`
			`has_field("level")`
			`then`
			`let lookup = lookup_value("systemd-log-level-reverse",$message.level);`
			`set_field("level_fix",lookup);`
			`end`
			`'';`
			`replace.source = ''`
			`rule "journald : replace log level"`
			`when`
			`has_field("level_fix")`
			`then`
			`set_field("level",$message.level_fix);`
			`end`
			`'';`

			`};`
			`};`

			`}`