turn on geoip2

2024-06-18 13:06:16 -04:00 · 2024-06-18 13:06:16 -04:00 · 2d2d0c84f1
parent f4ce9b5100
commit 2d2d0c84f1
3 changed files with 40 additions and 40 deletions
--- a/2
+++ b/2
@ -1,7 +1,7 @@
 FROM debian:latest
 MAINTAINER Kameron Kenny <kkenny379@gmail.com>
-LABEL version="20240618.1.6"
+LABEL version="20240618.1.7"
 LABEL description="Debian Based syslog-ng"
 RUN apt-get update
--- a/config/syslog-ng.conf
+++ b/config/syslog-ng.conf
@ -24,36 +24,36 @@ filter f_unifi_wlan { message("wlan:"); };
 parser p_kv { kv-parser(prefix("kv.")); };
 parser p_suricata_json { json-parser(prefix("suricata.")); };
-#parser p_fw_src_ip_geoip2_city {
+parser p_fw_src_ip_geoip2_city {
-#  geoip2(
+  geoip2(
-#    "${kv.SRC}",
+    "${kv.SRC}",
-#    prefix( "geoip2." )
+    prefix( "geoip2.source." )
-#    database( "/config/GeoIP/GeoLite2-City.mmdb" )
+    database( "/config/GeoIP/GeoLite2-City.mmdb" )
-#  );
+  );
-#};
+};
-#parser p_fw_dst_ip_geoip2_city {
+parser p_fw_dst_ip_geoip2_city {
-#  geoip2(
+  geoip2(
-#    "${kv.DST}",
+    "${kv.DST}",
-#    prefix( "geoip2." )
+    prefix( "geoip2.destination." )
-#    database( "/config/GeoIP/GeoLite2-City.mmdb" )
+    database( "/config/GeoIP/GeoLite2-City.mmdb" )
-#  );
+  );
-#};
+};
-#parser p_suricata_dest_ip_geoip2_city {
+parser p_suricata_dest_ip_geoip2_city {
-#  geoip2(
+  geoip2(
-#    "${suricata.dest_ip}",
+    "${suricata.dest_ip}",
-#    prefix( "geoip2." )
+    prefix( "geoip2.destination." )
-#    database( "/config/GeoIP/GeoLite2-City.mmdb" )
+    database( "/config/GeoIP/GeoLite2-City.mmdb" )
-#  );
+  );
-#};
+};
-#parser p_suricata_src_ip_geoip2_city {
+parser p_suricata_src_ip_geoip2_city {
-#  geoip2(
+  geoip2(
-#    "${suricata.src_ip}",
+    "${suricata.src_ip}",
-#    prefix( "geoip2." )
+    prefix( "geoip2.source." )
-#    database( "/config/GeoIP/GeoLite2-City.mmdb" )
+    database( "/config/GeoIP/GeoLite2-City.mmdb" )
-#  );
+  );
-#};
+};
 destination d_local {
  file("/var/log/messages");
@ -206,8 +206,8 @@ log {
  source(s_network_udp);
  filter(f_unifi_suricata);
  parser(p_suricata_json);
-#  parser(p_suricata_src_ip_geoip2_city);
+  parser(p_suricata_src_ip_geoip2_city);
-#  parser(p_suricata_dest_ip_geoip2_city);
+  parser(p_suricata_dest_ip_geoip2_city);
  destination(d_unifi_suricata);
  flags(final);
 };
@ -223,8 +223,8 @@ log {
  source(s_network_udp);
  filter(f_unifi_fw_lan);
  parser(p_kv);
-#  parser(p_fw_src_ip_geoip2_city);
+  parser(p_fw_src_ip_geoip2_city);
-#  parser(p_fw_dst_ip_geoip2_city);
+  parser(p_fw_dst_ip_geoip2_city);
  destination(d_unifi_firewall);
  flags(final);
 };
@ -233,8 +233,8 @@ log {
  source(s_network_udp);
  filter(f_unifi_fw_wan);
  parser(p_kv);
-#  parser(p_fw_src_ip_geoip2_city);
+  parser(p_fw_src_ip_geoip2_city);
-#  parser(p_fw_dst_ip_geoip2_city);
+  parser(p_fw_dst_ip_geoip2_city);
  destination(d_unifi_firewall);
  flags(final);
 };
@ -243,8 +243,8 @@ log {
  source(s_network_udp);
  filter(f_unifi_fw_dnat);
  parser(p_kv);
-#  parser(p_fw_src_ip_geoip2_city);
+  parser(p_fw_src_ip_geoip2_city);
-#  parser(p_fw_dst_ip_geoip2_city);
+  parser(p_fw_dst_ip_geoip2_city);
  destination(d_unifi_firewall);
  flags(final);
 };
@ -253,8 +253,8 @@ log {
  source(s_network_udp);
  filter(f_unifi_fw_guest);
  parser(p_kv);
-#  parser(p_fw_src_ip_geoip2_city);
+  parser(p_fw_src_ip_geoip2_city);
-#  parser(p_fw_dst_ip_geoip2_city);
+  parser(p_fw_dst_ip_geoip2_city);
  destination(d_unifi_firewall);
  flags(final);
 };
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -10,7 +10,7 @@ services:
  syslog-ng:
    build:
      dockerfile: Dockerfile
-    image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240618.1.6
+    image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240618.1.7
    container_name: syslog-ng
      #    environment:
      #- PUID=0