graylog finished nginx streams

terranix/graylog/nginx.nix

@@ -84,6 +84,20 @@ with builtins; {
         disabled = false;
         matching_type = "AND";
       };
+      nginx_access = {
+        title = "nginx access";
+        description = "all requests";
+        index_set_id = "\${graylog_index_set.default.id}";
+        disabled = false;
+        matching_type = "AND";
+      };
+      nginx_error = {
+        title = "nginx error";
+        description = "all errors";
+        index_set_id = "\${graylog_index_set.default.id}";
+        disabled = false;
+        matching_type = "AND";
+      };
     };
 
     graylog_stream_rule = let
@@ -108,13 +122,19 @@ with builtins; {
         inverted = false;
       };
       between = min: max: stream_id: {
-        "is_nginx_${min}_${max}" = (eq_stream_rule "from_nginx" true stream_id);
+        "is_nginx_access_${min}_${max}" =
+          (eq_stream_rule "nginx_access" true stream_id);
         "nginx_above${min}" = (gt_stream_rule "response_status" min stream_id);
         "nginx_below${max}" = (lt_stream_rule "response_status" max stream_id);
       };
     in (between "499" "600" "\${graylog_stream.nginx5xx.id}")
     // (between "399" "500" "\${graylog_stream.nginx4xx.id}")
-    // (between "199" "300" "\${graylog_stream.nginx2xx.id}");
+    // (between "199" "300" "\${graylog_stream.nginx2xx.id}") // {
+      is_nginx_access = (eq_stream_rule "nginx_access" true
+        "\${graylog_stream.nginx_access.id}");
+      is_nginx_error =
+        (eq_stream_rule "nginx_error" true "\${graylog_stream.nginx_error.id}");
+    };
 
   };
 }