From 47c2f7784adf52a880c1eb575eb2d1e1e4a044ef Mon Sep 17 00:00:00 2001
From: Kazuhiro MUSASHI
Date: Sat, 26 Sep 2020 16:53:26 +0900
Subject: [PATCH 1/2] Modify the kernel parameter to adjust the timeout for nf_conntrack.
---
 .../files/etc/sysctl.d/90-conntrack-tcp-timeout-time-wait.conf | 1 +
 cookbooks/base/kernel.rb | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)
 create mode 100644 cookbooks/base/files/etc/sysctl.d/90-conntrack-tcp-timeout-time-wait.conf
diff --git a/cookbooks/base/files/etc/sysctl.d/90-conntrack-tcp-timeout-time-wait.conf b/cookbooks/base/files/etc/sysctl.d/90-conntrack-tcp-timeout-time-wait.conf
new file mode 100644
index 0000000..21767ce
--- /dev/null
+++ b/cookbooks/base/files/etc/sysctl.d/90-conntrack-tcp-timeout-time-wait.conf
@@ -0,0 +1 @@
+net.netfilter.nf_conntrack_tcp_timeout_time_wait=60
diff --git a/cookbooks/base/kernel.rb b/cookbooks/base/kernel.rb
index 2ce9e8e..14b6d45 100644
--- a/cookbooks/base/kernel.rb
+++ b/cookbooks/base/kernel.rb
@@ -2,7 +2,8 @@ STORAGE = '/etc/sysctl.d'
 [
 "#{STORAGE}/90-vm-swappiness.conf",
- "#{STORAGE}/90-vfs-cache-pressure.conf"
+ "#{STORAGE}/90-vfs-cache-pressure.conf",
+ "#{STORAGE}/90-conntrack-tcp-timeout-time-wait.conf"
 ].each do |conf|
 remote_file conf do
 owner 'root'
From f1c09b8ae93ebb24fa6c674f446db8d6aecc43fd Mon Sep 17 00:00:00 2001
From: Kazuhiro MUSASHI
Date: Sat, 26 Sep 2020 16:56:15 +0900
Subject: [PATCH 2/2] Change the severity of `nf_conntrack` message.
---
 cookbooks/promtail/templates/etc/promtail/base.yaml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/cookbooks/promtail/templates/etc/promtail/base.yaml b/cookbooks/promtail/templates/etc/promtail/base.yaml
index 349b78c..147ebfe 100644
--- a/cookbooks/promtail/templates/etc/promtail/base.yaml
+++ b/cookbooks/promtail/templates/etc/promtail/base.yaml
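Review bot: `net.netfilter.nf_conntrack_tcp_timeout_time_wait` exists only while the nf_conntrack module is loaded, so the single line in this new sysctl.d file can be skipped at boot if the sysctl.d files are processed before that module is loaded, leaving the kernel default in force. Nothing in this patch loads the module early, so it is worth confirming that the key is present when the file is applied, for example with a modules-load.d entry for `nf_conntrack`. The file also has no comment recording its intent; a first line such as `# Lower the conntrack TIME_WAIT timeout to 60 s; only applies once nf_conntrack is loaded` would help the next maintainer.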
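Review bot: Adding the path to the list in kernel.rb only gets the file copied; the visible part of the `remote_file` block, which continues past the end of the hunk, shows no step that applies it. On an already-running host the new timeout may therefore not take effect until the next boot. If the rest of the block does not already trigger a reload, consider having the resource notify a command such as `sysctl --system` when a file changes. After a converge, `sysctl net.netfilter.nf_conntrack_tcp_timeout_time_wait` should report 60.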
@@ -282,11 +282,21 @@ scrape_configs: pipeline_stages: - match: - selector: '{job="systemd"} !~ "temperature"' + selector: '{job="systemd"} !~ "(temperature|nf_conntrack)"' stages: - drop: expression: (CMD|UFW|session|TTY) + - match: + selector: '{job="systemd"} |~ "nf_conntrack"' + stages: + - template: + source: level + template: 'error' + + - labels: + level: + - match: selector: '{job="systemd"} |~ "temperature"'
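Review bot: The added `match` stage with selector `'{job="systemd"} |~ "nf_conntrack"'` sets `level` to `error` for every systemd line that merely contains that substring, so informational kernel lines about the module, or a logged command that mentions the name, are raised to error alongside the line that signals trouble. If the target is the kernel's table-full warning (inferred from the companion sysctl change, not stated in the commit), a narrower filter such as `selector: '{job="systemd"} |= "nf_conntrack: table full"'` keeps the error level useful for alerting. Widening the first selector to `!~ "(temperature|nf_conntrack)"` also exempts all such lines from the `drop` stage, so a line matching both `nf_conntrack` and `(CMD|UFW|session|TTY)` is now kept and labelled error. A short comment above the new stage naming the exact message it is meant to catch would make the intent reviewable.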