Kameron Kenny 2024-06-21 14:38:56 -04:00
parent 1bba05a537
commit 77529a3ff3
No known key found for this signature in database
GPG Key ID: E5006629839D2276
4 changed files with 10 additions and 22 deletions


@ -1,7 +1,7 @@
FROM debian:latest FROM debian:latest
MAINTAINER Kameron Kenny <kkenny379@gmail.com> MAINTAINER Kameron Kenny <kkenny379@gmail.com>
LABEL version="20240621.2.1" LABEL version="20240621.2.2"
LABEL description="Debian Based syslog-ng" LABEL description="Debian Based syslog-ng"
RUN apt-get update RUN apt-get update


@ -20,7 +20,7 @@ parser p_bind_message {
); );
}; };
rewrite r_docker_header { rewrite r_bind_docker_header {
subst("5000\/tlp\/", "", value("docker")); subst("5000\/tlp\/", "", value("docker"));
subst(":", " ", value("docker")); subst(":", " ", value("docker"));
subst(":", " ", value("docker")); subst(":", " ", value("docker"));
@ -29,7 +29,7 @@ rewrite r_docker_header {
subst('\]', " ", value("docker")); subst('\]', " ", value("docker"));
}; };
parser p_docker_header { parser p_bind_docker_header {
csv-parser( csv-parser(
template("${docker}") template("${docker}")
flags(strip-whitespace) flags(strip-whitespace)
@ -73,8 +73,8 @@ log {
source(s_network_udp); source(s_network_udp);
filter(f_bind9); filter(f_bind9);
parser(p_bind_message); parser(p_bind_message);
rewrite(r_docker_header); rewrite(r_bind_docker_header);
parser(p_docker_header); parser(p_bind_docker_header);
parser(p_client_ip_port); parser(p_client_ip_port);
parser(p_bind_client_ip_geoip2_city); parser(p_bind_client_ip_geoip2_city);
destination(d_bind_logs); destination(d_bind_logs);


@ -1,17 +1,5 @@
filter f_nginx { match("nginx" value("PROGRAM")); }; filter f_nginx { match("nginx" value("PROGRAM")); };
rewrite r_docker_image {
subst("^5000/tlp/", "image:", value("MESSAGE"));
subst(":(?=(\d*\.\d*\.\d*))", " version:", value("MESSAGE"));
subst('(\/)(?=\S*\[)', " container_name:", value("MESSAGE"));
subst('((?!=container_name:(\S*))\[(?=\d*))', " pid:", value("MESSAGE"));
subst('((?!=pid:(\d*))\]:)', "", value("MESSAGE"));
subst('((?!=pid:(\d*))\ )', " datetime:", value("MESSAGE"));
subst('((?!=datetime:(\d*-\w*-\d*))\ )', "_", value("MESSAGE"));
subst('((?!=datetime:(\d*-\w*-\d*_\d*)):)', ".", value("MESSAGE"));
subst('((?!=datetime:(\d*-\w*-\d*_\d*\.\d*)):)', ".", value("MESSAGE"));
};
parser p_nginx_message { parser p_nginx_message {
csv-parser( csv-parser(
dialect(escape-double-char) dialect(escape-double-char)
@ -22,14 +10,14 @@ parser p_nginx_message {
); );
}; };
rewrite r_docker_header { rewrite r_nginx_docker_header {
subst(":", " ", value("docker")); subst(":", " ", value("docker"));
subst("\/", " ", value("docker")); subst("\/", " ", value("docker"));
subst('\[', " ", value("docker")); subst('\[', " ", value("docker"));
subst('\]', " ", value("docker")); subst('\]', " ", value("docker"));
}; };
parser p_docker_header { parser p_nginx_docker_header {
csv-parser( csv-parser(
template("${docker}") template("${docker}")
flags(strip-whitespace) flags(strip-whitespace)
@ -64,8 +52,8 @@ log {
source(s_network_udp); source(s_network_udp);
filter(f_nginx); filter(f_nginx);
parser(p_nginx_message); parser(p_nginx_message);
rewrite(r_docker_header); rewrite(r_nginx_docker_header);
parser(p_docker_header); parser(p_nginx_docker_header);
parser(p_nginx_client_ip_geoip2_city); parser(p_nginx_client_ip_geoip2_city);
destination(d_nginx_logs); destination(d_nginx_logs);
flags(final); flags(final);
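Review bot: The renamed `r_nginx_docker_header` and `p_nginx_docker_header` carry no comment saying why the names are now per-service, and the sibling `r_bind_docker_header` in the bind file differs from this one (it also strips `5000\/tlp\/` and substitutes `:` twice) without explanation. If both files are included into one configuration, syslog-ng by default rejects duplicate object names, which is presumably what the prefixes fix; a line such as `# per-service name: syslog-ng object names are shared across included files` above the rewrite block would record that. Each `subst()` here is written without `flags("global")`, so only the first match is replaced and the columns the following csv-parser yields depend on the delimiter count of a header received via `s_network_udp`; the same comment should state which header shape is expected so that misparsed fields can be recognised downstream. The csv-parser body of `p_nginx_docker_header` continues outside the hunk.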

View File

@ -10,7 +10,7 @@ services:
syslog-ng: syslog-ng:
build: build:
dockerfile: Dockerfile dockerfile: Dockerfile
image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240621.2.1 image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240621.2.2
container_name: syslog-ng container_name: syslog-ng
restart: unless-stopped restart: unless-stopped
networks: networks: