Blame - rsyslog/meta/heka.yml - salt-formulas/rsyslog

blob: 701369c065dcee11766ee7b8455c308b8ab0c373 [file] [log] [blame]

Éric Lemoine	f62ab31	2016-12-13 10:50:56 +0000	[diff] [blame]	1	{%- from "rsyslog/map.jinja" import global with context %}
				2	log_collector:
				3	decoder:
				4	syslog:
				5	engine: sandbox
				6	module_file: /usr/share/lma_collector/decoders/generic_syslog.lua
				7	module_dir: /usr/share/lma_collector/common;/usr/share/heka/lua_modules
				8	adjust_timezone: true
				9	config:
				10	{%- if global.format is defined %}
				11	syslog_pattern: '{{ global.format.template }}'
				12	fallback_syslog_pattern: '%TIMESTAMP% %HOSTNAME% %syslogtag%%msg:::sp-if-no-1st-sp%%msg%\n'
				13	{%- else %}
				14	syslog_pattern: '%TIMESTAMP% %HOSTNAME% %syslogtag%%msg:::sp-if-no-1st-sp%%msg%\n'
				15	{%- endif %}
				16	input:
Petr Michalec	3087c9c	2017-03-30 19:07:17 +0200	[diff] [blame]	17	{%- if salt.get('rsyslog_util.syslog_file_match', None) %}
Éric Lemoine	3b9a74a	2016-12-13 17:32:00 +0000	[diff] [blame]	18	{%- set file_match = salt['rsyslog_util.syslog_file_match'](global.output) %}
				19	{%- if file_match\|length > 0 %}
Éric Lemoine	48f39bf	2016-12-13 16:31:28 +0100	[diff] [blame]	20	{%- for logdir, pattern in file_match.iteritems() %}
				21	syslog{{ logdir.replace('/', '_') }}:
Éric Lemoine	f62ab31	2016-12-13 10:50:56 +0000	[diff] [blame]	22	engine: logstreamer
Éric Lemoine	48f39bf	2016-12-13 16:31:28 +0100	[diff] [blame]	23	log_directory: "{{ logdir }}"
				24	file_match: '(?P<Service>{{ pattern }})'
Éric Lemoine	f62ab31	2016-12-13 10:50:56 +0000	[diff] [blame]	25	differentiator: [ 'system.', 'Service' ]
				26	decoder: "syslog_decoder"
				27	splitter: "TokenSplitter"
Éric Lemoine	48f39bf	2016-12-13 16:31:28 +0100	[diff] [blame]	28	{%- endfor %}
Éric Lemoine	3b9a74a	2016-12-13 17:32:00 +0000	[diff] [blame]	29	{%- endif %}
Petr Michalec	3087c9c	2017-03-30 19:07:17 +0200	[diff] [blame]	30	{%- endif %}
Éric Lemoine	3b9a74a	2016-12-13 17:32:00 +0000	[diff] [blame]	31	syslog_haproxy:
				32	engine: logstreamer
				33	log_directory: "/var/log"
				34	file_match: 'haproxy\.log'
				35	differentiator: [ 'system.', 'haproxy' ]
				36	decoder: "syslog_decoder"
				37	splitter: "TokenSplitter"
Simon Pasquier	dfcfbb1	2017-02-22 11:04:01 +0100	[diff] [blame]	38	filter:
				39	failed_logins:
				40	engine: sandbox
				41	module_file: /usr/share/lma_collector/filters/failed_logins.lua
				42	module_dir: /usr/share/lma_collector/common;/usr/share/heka/lua_modules
				43	message_matcher: "Type == 'log' && Logger == 'system.auth'"
				44	ticker_interval: 60
				45	config:
				46	hostname: '{{ grains.host }}'
				47	grace_interval: 30
Simon Pasquier	e37150b	2017-02-23 10:44:42 +0100	[diff] [blame]	48	metric_collector:
				49	trigger:
				50	failed_logins_warning:
				51	description: 'The rate of failed logins is too high.'
				52	severity: warning
				53	rules:
				54	- metric: failed_logins_rate
				55	relational_operator: '>='
				56	threshold: 0.2
				57	window: 120
				58	periods: 0
				59	function: avg
				60	alarm:
				61	failed_logins:
				62	alerting: enabled
				63	triggers:
				64	- failed_logins_warning