add nginx inputs to graylog

This commit is contained in:
Ingolf Wagner 2021-07-14 17:43:31 +02:00
parent c2ec6804de
commit 26261d6379
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
4 changed files with 60 additions and 57 deletions

View file

@ -1,10 +1,6 @@
with builtins; { with builtins; {
imports = [ imports = [ ./provider.nix ./nginx.nix ./journald.nix ];
./provider.nix
#./nginx.nix
./journald.nix
];
resource.graylog_output.stdout = { resource.graylog_output.stdout = {
title = "test stdout"; title = "test stdout";

View file

@ -1,7 +1,5 @@
with builtins; { with builtins; {
#data.graylog_index_set.default.index_prefix = "graylog";
resource = { resource = {
graylog_input.journald = { graylog_input.journald = {
@ -18,11 +16,9 @@ with builtins; {
}); });
}; };
# todo create stream
graylog_stream.journald = { graylog_stream.journald = {
title = "journald"; title = "journald";
description = "journald processing stream"; description = "journald processing stream";
#index_set_id = "\${data.graylog_index_set.default.id}";
index_set_id = "\${graylog_index_set.default.id}"; index_set_id = "\${graylog_index_set.default.id}";
disabled = false; disabled = false;
matching_type = "AND"; matching_type = "AND";

View file

@ -1,7 +1,11 @@
with builtins; { with builtins; {
resource.graylog_input = {
resource = {
graylog_input = {
nginx_access_logs = { nginx_access_logs = {
title = "test nginx access log input"; title = "nginx access log";
# https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput"; type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput";
global = true; global = true;
@ -10,31 +14,34 @@ with builtins; {
bind_address = "0.0.0.0"; bind_address = "0.0.0.0";
expand_structured_data = false; expand_structured_data = false;
force_rdns = false; force_rdns = false;
number_worker_threads = 2; number_worker_threads = 4;
port = 12209; # todo port = 12304;
recv_buffer_size = 262144; recv_buffer_size = 1048576;
store_full_message = false; store_full_message = false;
}); });
}; };
nginx_error_logs = {
title = "test nginx error log input";
# https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput";
global = true;
attributes = toJSON ({
allow_override_date = true;
bind_address = "0.0.0.0";
expand_structured_data = false;
force_rdns = false;
number_worker_threads = 2;
port = 12208; # todo
recv_buffer_size = 262144;
store_full_message = false;
});
};
};
resource.graylog_input_static_fields = { nginx_error_logs = {
title = "nginx error log";
# https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput";
global = true;
attributes = toJSON ({
allow_override_date = true;
bind_address = "0.0.0.0";
expand_structured_data = false;
force_rdns = false;
number_worker_threads = 4;
port = 12305;
recv_buffer_size = 1048576;
store_full_message = false;
});
};
};
graylog_input_static_fields = {
nginx_access_logs = { nginx_access_logs = {
input_id = "\${graylog_input.nginx_access_logs.id}"; input_id = "\${graylog_input.nginx_access_logs.id}";
fields = { fields = {
@ -43,6 +50,7 @@ with builtins; {
nginx_access = true; nginx_access = true;
}; };
}; };
nginx_error_logs = { nginx_error_logs = {
input_id = "\${graylog_input.nginx_error_logs.id}"; input_id = "\${graylog_input.nginx_error_logs.id}";
fields = { fields = {
@ -51,5 +59,8 @@ with builtins; {
nginx_access = false; nginx_access = false;
}; };
}; };
};
}; };
} }

Binary file not shown.