linux/meta/fluentd.yml - salt-formulas/linux - Gitiles

 {%- if grains.get('init') == 'systemd' %}
 agent:
   plugin:
     fluent-plugin-systemd:
       deb: ['td-agent-additional-plugins']
   config:
     label:
       default_metric:
         filter:
           metric_failed_user:
             tag: metric.failed_user
             type: prometheus
             metric:
               - name: failed_logins_total
                 type: counter
                 desc: The total number of failed logins.
             label:
               - name: host
                 value: ${Hostname}
           metric_out_of_memory:
             tag: metric.out_of_memory
             type: prometheus
             metric:
               - name: out_of_memory_total
                 type: counter
                 desc: The total number of OOM.
             label:
               - name: host
                 value: ${Hostname}
           metric_hdd_errors_parse:
             tag: metric.hdd_errors
             type: parser
             key_name: Payload
             parser:
               type: regexp
               format: '/(?<device>[sv]d[a-z]+\d*)/'
           metric_hdd_errors:
             tag: metric.hdd_errors
             require:
               - metric_hdd_errors_parse
             type: prometheus
             metric:
               - name: hdd_errors_total
                 type: counter
                 desc: The total number of hdd errors.
             label:
               - name: host
                 value: ${Hostname}
               - name: device
                 value: ${device}
       systemd:
         input:
           systemd:
             type: systemd
             tag: systemd.source
             path: /run/log/journal
             pos_file: {{ pillar.fluentd.agent.dir.positiondb }}/systemd.source.pos
             entry:
               field_map:
                 MESSAGE: 'Payload'
                 _CMDLINE: 'process'
                 _PID: 'Pid'
                 _COMM: 'programname'
                 _SYSTEMD_UNIT: 'service'
                 syslog_identifier: 'ident'
                 priority: 'Severity'
               field_map_strict: True
               fields_strip_underscores: True
               fields_lowercase: True
         filter:
           add_severity_label:
             tag: systemd.source
             type: record_transformer
             enable_ruby: true
             record:
               - name: severity_label
                 value: '${ {"TRACE"=>8,"DEBUG"=>7,"INFO"=>6,"NOTICE"=>5,"WARNING"=>4,"ERROR"=>3,"CRITICAL"=>2,"ALERT"=>1,"EMERGENCY"=>0}.key(record["Severity"].to_i) }'
         match:
           rewrite_tag:
             tag: systemd.source
             type: rewrite_tag_filter
             rule:
               - name: ident
                 regexp: '^(.*)$'
                 result: __TAG__.$1
           push_to_default:
             tag: 'systemd.source.*'
             type: copy
             store:
               - type: relabel
                 label: default_output
               - type: rewrite_tag_filter
                 rule:
                   - name: Payload
                     regexp: '^Invalid user'
                     result: metric.failed_user
                   - name: Payload
                     regexp: '^Out of memory'
                     result: metric.out_of_memory
                   - name: Payload
                     regexp: >-
                       'error.*\b[sv]d[a-z]{1,2}\d{0,3}\b.*'
                     result: metric.hdd_errors
                   - name: Payload
                     regexp: >-
                       '\b[sv]d[a-z]{1,2}\d{0,3}\b.*error'
                     result: metric.hdd_errors
           push_to_metric:
             tag: 'metric.**'
             type: relabel
             label: default_metric
 {%- endif %}
	{%- if grains.get('init') == 'systemd' %}
	agent:
	plugin:
	fluent-plugin-systemd:
	deb: ['td-agent-additional-plugins']
	config:
	label:
	default_metric:
	filter:
	metric_failed_user:
	tag: metric.failed_user
	type: prometheus
	metric:
	- name: failed_logins_total
	type: counter
	desc: The total number of failed logins.
	label:
	- name: host
	value: ${Hostname}
	metric_out_of_memory:
	tag: metric.out_of_memory
	type: prometheus
	metric:
	- name: out_of_memory_total
	type: counter
	desc: The total number of OOM.
	label:
	- name: host
	value: ${Hostname}
	metric_hdd_errors_parse:
	tag: metric.hdd_errors
	type: parser
	key_name: Payload
	parser:
	type: regexp
	format: '/(?<device>[sv]d[a-z]+\d*)/'
	metric_hdd_errors:
	tag: metric.hdd_errors
	require:
	- metric_hdd_errors_parse
	type: prometheus
	metric:
	- name: hdd_errors_total
	type: counter
	desc: The total number of hdd errors.
	label:
	- name: host
	value: ${Hostname}
	- name: device
	value: ${device}
	systemd:
	input:
	systemd:
	type: systemd
	tag: systemd.source
	path: /run/log/journal
	pos_file: {{ pillar.fluentd.agent.dir.positiondb }}/systemd.source.pos
	entry:
	field_map:
	MESSAGE: 'Payload'
	_CMDLINE: 'process'
	_PID: 'Pid'
	_COMM: 'programname'
	_SYSTEMD_UNIT: 'service'
	syslog_identifier: 'ident'
	priority: 'Severity'
	field_map_strict: True
	fields_strip_underscores: True
	fields_lowercase: True
	filter:
	add_severity_label:
	tag: systemd.source
	type: record_transformer
	enable_ruby: true
	record:
	- name: severity_label
	value: '${ {"TRACE"=>8,"DEBUG"=>7,"INFO"=>6,"NOTICE"=>5,"WARNING"=>4,"ERROR"=>3,"CRITICAL"=>2,"ALERT"=>1,"EMERGENCY"=>0}.key(record["Severity"].to_i) }'
	match:
	rewrite_tag:
	tag: systemd.source
	type: rewrite_tag_filter
	rule:
	- name: ident
	regexp: '^(.*)$'
	result: __TAG__.$1
	push_to_default:
	tag: 'systemd.source.*'
	type: copy
	store:
	- type: relabel
	label: default_output
	- type: rewrite_tag_filter
	rule:
	- name: Payload
	regexp: '^Invalid user'
	result: metric.failed_user
	- name: Payload
	regexp: '^Out of memory'
	result: metric.out_of_memory
	- name: Payload
	regexp: >-
	'error.\b[sv]d[a-z]{1,2}\d{0,3}\b.'
	result: metric.hdd_errors
	- name: Payload
	regexp: >-
	'\b[sv]d[a-z]{1,2}\d{0,3}\b.*error'
	result: metric.hdd_errors
	push_to_metric:
	tag: 'metric.**'
	type: relabel
	label: default_metric
	{%- endif %}