diff --git a/cookbooks/promtail/templates/etc/promtail/base.yaml b/cookbooks/promtail/templates/etc/promtail/base.yaml index d9fd628..1dbc00e 100644 --- a/cookbooks/promtail/templates/etc/promtail/base.yaml +++ b/cookbooks/promtail/templates/etc/promtail/base.yaml @@ -262,7 +262,7 @@ scrape_configs: pipeline_stages: - match: - selector: '{job="init"} |~ "(apt|Message of the Day|motd-news|Temporary Directories|man-db|fwupd|Firmware update daemon|systemd-tmpfiles-clean.service|Rotate log files|logrotate.service)"' + selector: '{job="init"} |~ "(apt|Message of the Day|motd-news|Temporary Directories|man-db|fwupd|Firmware update daemon|systemd-tmpfiles-clean.service|Rotate log files|logrotate.service|[Pp]ackage[Kk]it|/run/dbus/system_bus_socket|[Ss]nap|lxd|Reloading|Mount unit|ext4 Metadata|e2scrub_all.service)"' stages: - template: source: level @@ -272,7 +272,7 @@ scrape_configs: level: - match: - selector: '{job="init"} !~ "(apt|Message of the Day|motd-news|Temporary Directories|man-db|fwupd|Firmware update daemon|systemd-tmpfiles-clean.service|Rotate log files|logrotate.service)"' + selector: '{job="init"} !~ "(apt|Message of the Day|motd-news|Temporary Directories|man-db|fwupd|Firmware update daemon|systemd-tmpfiles-clean.service|Rotate log files|logrotate.service|[Pp]ackage[Kk]it|/run/dbus/system_bus_socket|[Ss]nap|lxd|Reloading|Mount unit|ext4 Metadata|e2scrub_all.service)"' stages: - template: source: level @@ -386,3 +386,29 @@ scrape_configs: - output: source: message + + - job_name: unattended-upgrades + static_configs: + - targets: + - localhost + labels: + job: unattended-upgrades + hostname: <%= @HOSTNAME %> + level: notice + __path__: /var/log/unattended-upgrades/unattended-upgrades.log + + pipeline_stages: + - match: + selector: '{job="unattended-upgrades"}' + stages: + - regex: + expression: '^(?P\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d{3} (?P[^ ]+) (?P.+)$' + + - timestamp: + source: timestamp + format: 2006-01-02 15:04:05 + location: Asia/Tokyo + + - output: + source: message + diff --git a/cookbooks/vector/templates/etc/promtail/syslog.yaml b/cookbooks/vector/templates/etc/promtail/syslog.yaml index d7f9eac..83a95d7 100644 --- a/cookbooks/vector/templates/etc/promtail/syslog.yaml +++ b/cookbooks/vector/templates/etc/promtail/syslog.yaml @@ -39,7 +39,7 @@ scrape_configs: action: drop - match: - selector: '{job="syslog", hostname="esxi-new", appname="Hostd"} |~ "(->|IpmiIfcOpenIpmiOpen|LikewiseGetDomainJoinInfo)"' + selector: '{job="syslog", hostname="esxi-new", appname="Hostd"} |~ "(->|IpmiIfcOpenIpmiOpen|LikewiseGetDomainJoinInfo|AddVirtualMachine: VM|Solo.HttpSvc.HTTPService|VigorCallback received fault|vim.fault.InvalidPowerState|Unable to get resource settings for a powered on VM|VigorOnlineStatusCb|N7Vmacore16TimeoutExceptionE)"' action: drop - match: @@ -51,7 +51,15 @@ scrape_configs: action: drop - match: - selector: '{job="syslog", hostname="esxi-new", appname="Rhttpproxy"} |~ "(warning rhttpproxy)"' + selector: '{job="syslog", hostname="esxi-new", appname="Rhttpproxy"} |~ "(warning rhttpproxy|->)"' + action: drop + + - match: + selector: '{job="syslog", hostname="esxi-new", appname="usbarb", level="notice"}' + action: drop + + - match: + selector: '{job="syslog", hostname="esxi-new", appname="vmauthd", level="notice"}' action: drop - match: @@ -83,7 +91,28 @@ scrape_configs: - match: selector: '{job="syslog", hostname="ubnt"}' stages: - + - timestamp: + source: timestamp + format: 2006-01-02T15:04:05.999Z + location: Asia/Bangkok + + - template: + source: level + template: '{{ regexReplaceAllLiteral "err" .Value "error" }}' + + - labels: + level: + hostname: + + - labeldrop: + - appname + + - output: + source: message + + - match: + selector: '{job="syslog", hostname="ds418"}' + stages: - timestamp: source: timestamp format: 2006-01-02T15:04:05.999Z