kris/graylog_demo
1
0
Fork 0
mirror of https://github.com/krislamo/graylog_demo synced 2024-12-16 15:00:36 +00:00
Code Issues Releases Wiki Activity

Route the syslog through fluentd via UDP

Browse Source
This commit is contained in:
Kris Lamoureux 2020-02-10 16:17:24 -05:00
parent 5515109396
commit 5a6f09789c
Signed by: kris
GPG Key ID: A30022791E1719A4
4 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Vagrantfile vendored
View File

@ -38,13 +38,9 @@ Vagrant.configure("2") do |config|
systemctl start rsyslog systemctl start rsyslog
systemctl -q enable rsyslog systemctl -q enable rsyslog
# Enable TCP syslog reception
sed -i 's/#\$ModLoad imtcp/\$ModLoad imtcp/g' /etc/rsyslog.conf
sed -i 's/#\$InputTCPServerRun 514/\$InputTCPServerRun 514/g' /etc/rsyslog.conf
# Add rsyslog forwarding option if it does not exist # Add rsyslog forwarding option if it does not exist
if ! grep -q "#{PRIVATE_NET_IP}:1514" /etc/rsyslog.conf; then if ! grep -q "127.0.0.1:5140" /etc/rsyslog.conf; then
echo "*.* @@#{PRIVATE_NET_IP}:1514;RSYSLOG_SyslogProtocol23Format" >> /etc/rsyslog.conf echo "*.* @127.0.0.1:5140" >> /etc/rsyslog.conf
systemctl restart rsyslog systemctl restart rsyslog
fi fi

6
fluentd/fluent.conf
View File

@ -3,6 +3,12 @@
port 24224 port 24224
</source> </source>
<source>
@type syslog
port 5140
tag system
</source>
<match **> <match **>
@type gelf @type gelf
host vagrant_graylog_1 host vagrant_graylog_1

1
graylog.yml
View File

@ -10,6 +10,7 @@ services:
ports: ports:
- 24224:24224 - 24224:24224
- 24224:24224/udp - 24224:24224/udp
- 5140:5140/udp
mongo: mongo:
image: mongo:4.2.2 image: mongo:4.2.2

2
wordpress.yml
View File

@ -28,6 +28,8 @@ services:
driver: "fluentd" driver: "fluentd"
options: options:
fluentd-address: "tcp://127.0.0.1:24224" fluentd-address: "tcp://127.0.0.1:24224"
# Messages are buffered until the connection is established
#fluentd-async-connect: "true"
volumes: volumes:
db_data: {} db_data: {}