iac
/
syslog-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

dups

This commit is contained in:
Kameron Kenny 2024-06-21 14:38:56 -04:00
parent 1bba05a537
commit 77529a3ff3
No known key found for this signature in database
GPG Key ID: E5006629839D2276
4 changed files with 10 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Dockerfile
View File

@ -1,7 +1,7 @@
FROM debian:latest
MAINTAINER Kameron Kenny <kkenny379@gmail.com>
LABEL version="20240621.2.1"
LABEL version="20240621.2.2"
LABEL description="Debian Based syslog-ng"
RUN apt-get update

8
config/syslog-ng.conf.d/bind-dns.conf
View File

@ -20,7 +20,7 @@ parser p_bind_message {
);
};
rewrite r_docker_header {
rewrite r_bind_docker_header {
subst("5000\/tlp\/", "", value("docker"));
subst(":", " ", value("docker"));
subst(":", " ", value("docker"));
@ -29,7 +29,7 @@ rewrite r_docker_header {
subst('\]', " ", value("docker"));
};
parser p_docker_header {
parser p_bind_docker_header {
csv-parser(
template("${docker}")
flags(strip-whitespace)
@ -73,8 +73,8 @@ log {
source(s_network_udp);
filter(f_bind9);
parser(p_bind_message);
rewrite(r_docker_header);
parser(p_docker_header);
rewrite(r_bind_docker_header);
parser(p_bind_docker_header);
parser(p_client_ip_port);
parser(p_bind_client_ip_geoip2_city);
destination(d_bind_logs);

20
config/syslog-ng.conf.d/nginx.conf
View File

@ -1,17 +1,5 @@
filter f_nginx { match("nginx" value("PROGRAM")); };
rewrite r_docker_image {
subst("^5000/tlp/", "image:", value("MESSAGE"));
subst(":(?=(\d*\.\d*\.\d*))", " version:", value("MESSAGE"));
subst('(\/)(?=\S*\[)', " container_name:", value("MESSAGE"));
subst('((?!=container_name:(\S*))\[(?=\d*))', " pid:", value("MESSAGE"));
subst('((?!=pid:(\d*))\]:)', "", value("MESSAGE"));
subst('((?!=pid:(\d*))\ )', " datetime:", value("MESSAGE"));
subst('((?!=datetime:(\d*-\w*-\d*))\ )', "_", value("MESSAGE"));
subst('((?!=datetime:(\d*-\w*-\d*_\d*)):)', ".", value("MESSAGE"));
subst('((?!=datetime:(\d*-\w*-\d*_\d*\.\d*)):)', ".", value("MESSAGE"));
};
parser p_nginx_message {
csv-parser(
dialect(escape-double-char)
@ -22,14 +10,14 @@ parser p_nginx_message {
);
};
rewrite r_docker_header {
rewrite r_nginx_docker_header {
subst(":", " ", value("docker"));
subst("\/", " ", value("docker"));
subst('\[', " ", value("docker"));
subst('\]', " ", value("docker"));
};
parser p_docker_header {
parser p_nginx_docker_header {
csv-parser(
template("${docker}")
flags(strip-whitespace)
@ -64,8 +52,8 @@ log {
source(s_network_udp);
filter(f_nginx);
parser(p_nginx_message);
rewrite(r_docker_header);
parser(p_docker_header);
rewrite(r_nginx_docker_header);
parser(p_nginx_docker_header);
parser(p_nginx_client_ip_geoip2_city);
destination(d_nginx_logs);
flags(final);

2
docker-compose.yml
View File

@ -10,7 +10,7 @@ services:
syslog-ng:
build:
dockerfile: Dockerfile
image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240621.2.1
image: docker-registry1.in.thelinuxpro.net:5000/tlp/syslog-ng:240621.2.2
container_name: syslog-ng
restart: unless-stopped
networks: