nixos-config/terranix/graylog/journald/kibana.nix
2021-07-17 13:45:19 +02:00

59 lines
1.5 KiB
Nix

with builtins; {
resource = {
graylog_pipeline_connection = {
journald.pipeline_ids = [ "\${graylog_pipeline.kibana.id}" ];
};
graylog_pipeline = {
kibana.source = ''
pipeline "kibana : parsing"
stage 10 match either
rule "kibana : parse level 1"
stage 11 match either
rule "kibana : parse message"
end
'';
};
graylog_pipeline_rule = {
kibanaLevel1.source = ''
rule "kibana : parse level 1"
when
has_field("systemd_unit") && ($message.systemd_unit == "kibana.service")
then
let parsedJson = parse_json(to_string($message.message));
set_fields(to_map(parsedJson),"kibana_");
end
'';
kibanaLevelRequest.source = ''
rule "kibana : parse request"
when
has_field("kibana_req")
then
let parsedJson = parse_json(to_string($message.kibana_req));
set_fields(to_map(parsedJson),"kibana_req_");
end
'';
kibanaLevelResponse.source = ''
rule "kibana : parse response"
when
has_field("kibana_res")
then
let parsedJson = parse_json(to_string($message.kibana_res));
set_fields(to_map(parsedJson),"kibana_res_");
end
'';
kibanaLevelMessage.source = ''
rule "kibana : parse message"
when
has_field("kibana_message")
then
set_field("message", $message.kibana_message);
end
'';
};
};
}