Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 2fb1114e8e9c35a00eb7ff1373c973fcbff05b8f / . / fluentd / label / notifications / audit.yml
blob: da0c31a5a1e9f4cd9d387a76e319761892de9a03 [file] [log] [blame]
Dmitry Kalashnik276d9292019-04-16 15:26:21 +0400[diff] [blame]1parameters:
2 _param:
3 elasticsearch_port: 9200
4 fluentd:
5 agent:
6 config:
7 label:
8 audit_messages:
9 filter:
10 get_payload_values:
11 tag: audit
12 type: record_transformer
13 enable_ruby: true
14 record:
15 - name: Logger
16 value: ${fluentd:dollar}{ record.dig("publisher_id") }
17 - name: Severity
18 value: ${fluentd:dollar}{ {'TRACE'=>7,'DEBUG'=>7,'INFO'=>6,'AUDIT'=>6,'WARNING'=>4,'ERROR'=>3,'CRITICAL'=>2}[record['priority']].to_i }
19 - name: Timestamp
20 value: ${fluentd:dollar}{ DateTime.strptime(record.dig("payload", "eventTime"), "%Y-%m-%dT%H:%M:%S.%N%z").strftime("%Y-%m-%dT%H:%M:%S.%3NZ") }
21 - name: notification_type
22 value: ${fluentd:dollar}{ record.dig("event_type") }
23 - name: severity_label
24 value: ${fluentd:dollar}{ record.dig("priority") }
25 - name: environment_label
26 value: ${_param:cluster_domain}
27
28 - name: action
29 value: ${fluentd:dollar}{ record.dig("payload", "action") }
30 - name: event_type
31 value: ${fluentd:dollar}{ record.dig("payload", "eventType") }
32 - name: outcome
33 value: ${fluentd:dollar}{ record.dig("payload", "outcome") }
34 pack_payload_to_json:
35 tag: audit
36 require:
37 - get_payload_values
38 type: record_transformer
39 enable_ruby: true
40 remove_keys: '["payload", "timestamp", "publisher_id", "priority"]'
41 record:
42 - name: Payload
43 value: ${fluentd:dollar}{ record["payload"].to_json }
44 match:
45 audit_output:
46 tag: audit
47 type: elasticsearch
Dmitry Kalashnik23307742019-05-23 16:47:18 +0400[diff] [blame]48 host: ${_param:fluentd_elasticsearch_host}
49 port: ${_param:fluentd_elasticsearch_port}
50 scheme: ${_param:fluentd_elasticsearch_scheme}
Dmitry Kalashnik276d9292019-04-16 15:26:21 +0400[diff] [blame]51 es_index_name: audit
52 tag_key: Type