Merge pull request 'Modify `syslog.toml` to directly sending logs to `Loki`.' (#89) from vector-syslog-modification into master
Reviewed-on: #89
This commit is contained in:
commit
eeca9f5d73
|
@ -5,12 +5,40 @@ data_dir = "/var/lib/vector"
|
||||||
mode = "tcp" # required
|
mode = "tcp" # required
|
||||||
type = "syslog" # required
|
type = "syslog" # required
|
||||||
|
|
||||||
[sinks.syslog-file]
|
[transforms.reformat-syslog]
|
||||||
# General
|
type = "remap"
|
||||||
type = "file" # required
|
inputs = [ "syslog" ]
|
||||||
inputs = ["syslog"] # required
|
source = """
|
||||||
healthcheck = true # optional, default
|
if contains(.severity, "err") {
|
||||||
path = "/var/log/vector/syslog.log" # required
|
.severity = "error"
|
||||||
|
}
|
||||||
|
|
||||||
|
.sev_filter = !includes(["info", "debug", "notice"], .severity)
|
||||||
|
.msg_filter, err = !match_any(.message, [r'->', r'already registered', r'pam_unix(sudo:session)', r'/opt/vyatta/sbin/ubnt_vtysh', r'ERROR_FILE_NOT_FOUND', r'IpmiIfcOpenIpmiOpen', r'REALLOCATED SECTOR CT below threshold'])
|
||||||
|
"""
|
||||||
|
|
||||||
|
[transforms.filter-syslog]
|
||||||
|
type = "filter"
|
||||||
|
inputs = [ "reformat-syslog" ]
|
||||||
|
condition = '.sev_filter == true && .msg_filter == true'
|
||||||
|
|
||||||
|
[sinks.docker-logs]
|
||||||
|
type = "loki"
|
||||||
|
inputs = ["filter-syslog"]
|
||||||
|
endpoint = "http://192.168.10.101:3100"
|
||||||
|
healthcheck = true
|
||||||
|
remove_timestamp = true
|
||||||
|
|
||||||
|
encoding.codec = "text"
|
||||||
|
|
||||||
|
labels.level = "{{ severity }}"
|
||||||
|
labels.job = "syslog"
|
||||||
|
labels.hostname = "{{ host }}"
|
||||||
|
|
||||||
|
[sinks.file]
|
||||||
|
type = "file"
|
||||||
|
inputs = ["reformat-syslog"]
|
||||||
|
compression = "none"
|
||||||
|
path = "/tmp/vector-%Y-%m-%d.log"
|
||||||
|
encoding = "ndjson"
|
||||||
|
|
||||||
# Encoding
|
|
||||||
encoding.codec = "ndjson" # required
|
|
||||||
|
|
Loading…
Reference in New Issue