nixos-config/terranix/graylog/nginx.nix


with builtins; {
resource = {
# Two syslog-over-UDP inputs, one per nginx log type. Both share every setting
# except title and port, so they are built from one helper.
#
# NOTE(review): syslog over UDP carries no sender authentication and no
# transport encryption, and bind_address "0.0.0.0" listens on every interface.
# Any host that can reach ports 12304/12305 can submit messages that are then
# tagged as nginx logs. Confirm that a firewall or network policy outside this
# file restricts the senders, or bind to an internal address.
graylog_input = let
  # https://javadoc.io/doc/org.graylog2/graylog2-inputs/latest/index.html
  syslogUdpInput = title: port: {
    inherit title;
    type = "org.graylog2.inputs.syslog.udp.SyslogUDPInput";
    global = true;
    attributes = toJSON {
      inherit port;
      allow_override_date = true;
      bind_address = "0.0.0.0";
      expand_structured_data = false;
      # NOTE(review): without forced reverse DNS the source name presumably
      # comes from the syslog header, which the sender controls; confirm.
      force_rdns = false;
      number_worker_threads = 4;
      recv_buffer_size = 1048576;
      # The raw log line is not kept; only parsed fields remain available
      # for later investigation.
      store_full_message = false;
    };
  };
in {
  nginx_access_logs = syslogUdpInput "nginx access log" 12304;
  nginx_error_logs = syslogUdpInput "nginx error log" 12305;
};
# Static fields attached to every message of the two nginx inputs. The stream
# rules in this file route on nginx_access / nginx_error.
#
# The fields are bound to the input, so they record which port a message
# arrived on, not that nginx actually produced it. Their trustworthiness is
# therefore the same as the network restriction on the inputs.
graylog_input_static_fields = let
  # Exactly one of nginx_access / nginx_error is true for a given input.
  nginxTags = isAccess: {
    from_nginx = true;
    nginx_access = isAccess;
    nginx_error = !isAccess;
  };
in {
  nginx_access_logs = {
    input_id = "\${graylog_input.nginx_access_logs.id}";
    fields = nginxTags true;
  };
  nginx_error_logs = {
    input_id = "\${graylog_input.nginx_error_logs.id}";
    fields = nginxTags false;
  };
};
# Streams for nginx traffic: one per status class (5xx, 4xx, 2xx), one for all
# access-log messages and one for all error-log messages. No stream is defined
# here for 1xx or 3xx responses.
#
# Every stream is enabled, writes to graylog_index_set.default (declared
# outside this file) and uses matching_type "AND", so a message must satisfy
# all rules attached to the stream.
graylog_stream = let
  nginxStream = title: description: {
    inherit title description;
    index_set_id = "\${graylog_index_set.default.id}";
    disabled = false;
    matching_type = "AND";
  };
  # Description shared by the per-status-class streams.
  answeredWith = class: "all requests answered with a ${class} response";
in {
  nginx5xx = nginxStream "nginx 5xx" (answeredWith "5xx");
  nginx4xx = nginxStream "nginx 4xx" (answeredWith "4xx");
  nginx2xx = nginxStream "nginx 2xx" (answeredWith "2xx");
  nginx_access = nginxStream "nginx access" "all requests";
  nginx_error = nginxStream "nginx error" "all errors";
};
# Stream rules that route nginx messages into the streams of this file.
#
# The status-class rules compare the field response_status. This file does not
# set that field, so it presumably comes from an extractor or pipeline defined
# elsewhere (confirm). A message without it will not match the 2xx/4xx/5xx
# streams, because those streams require all of their rules to match.
graylog_stream_rule = let
  # Generic rule constructor. Type codes follow Graylog's stream-rule types:
  # 1 = exact match, 3 = greater than, 4 = smaller than.
  rule = type: inverted: field: value: stream_id: {
    inherit field value stream_id type inverted;
  };
  # "not equal": an inverted exact match. Not used by the rules below.
  nq_stream_rule = rule 1 true;
  eq_stream_rule = rule 1 false;
  gt_stream_rule = rule 3 false;
  lt_stream_rule = rule 4 false;

  # Three rules for one status class. Both bounds are exclusive, so
  # between "499" "600" selects response_status 500..599.
  between = min: max: stream_id: {
    "is_nginx_access_${min}_${max}" =
      eq_stream_rule "nginx_access" true stream_id;
    "nginx_above${min}" = gt_stream_rule "response_status" min stream_id;
    "nginx_below${max}" = lt_stream_rule "response_status" max stream_id;
  };

  statusBands = [
    { min = "499"; max = "600"; stream = "\${graylog_stream.nginx5xx.id}"; }
    { min = "399"; max = "500"; stream = "\${graylog_stream.nginx4xx.id}"; }
    { min = "199"; max = "300"; stream = "\${graylog_stream.nginx2xx.id}"; }
  ];

  # Rule names are distinct across bands, so the merge order does not matter.
  statusRules =
    foldl' (acc: band: acc // (between band.min band.max band.stream)) { }
    statusBands;
in statusRules // {
  is_nginx_access =
    eq_stream_rule "nginx_access" true "\${graylog_stream.nginx_access.id}";
  is_nginx_error =
    eq_stream_rule "nginx_error" true "\${graylog_stream.nginx_error.id}";
};
};
}