diff --git a/cookbooks/vector/files/etc/systemd/system/promtail-vector-syslog.service b/cookbooks/vector/files/etc/systemd/system/promtail-vector-syslog.service deleted file mode 100644 index b64c312..0000000 --- a/cookbooks/vector/files/etc/systemd/system/promtail-vector-syslog.service +++ /dev/null @@ -1,12 +0,0 @@ -[Unit] -Description=Grafana Promtail -Documentation=https://github.com/grafana/loki -After=network-online.target - -[Service] -User=root -Restart=always -ExecStart=/usr/local/bin/promtail --config.file=/etc/promtail/syslog.yaml - -[Install] -WantedBy=multi-user.target diff --git a/cookbooks/vector/files/etc/vector/syslog.toml b/cookbooks/vector/files/etc/vector/syslog.toml index ddb3d79..8832d7e 100644 --- a/cookbooks/vector/files/etc/vector/syslog.toml +++ b/cookbooks/vector/files/etc/vector/syslog.toml @@ -25,7 +25,7 @@ data_dir = "/var/lib/vector" [sinks.send-logs] type = "loki" inputs = ["filter-syslog"] - endpoint = "http://192.168.10.101:3100" + endpoint = "http://loki.service.consul:3100" healthcheck = true remove_timestamp = true diff --git a/cookbooks/vector/syslog_setup.rb b/cookbooks/vector/syslog_setup.rb index 58c3185..c5fd5e7 100644 --- a/cookbooks/vector/syslog_setup.rb +++ b/cookbooks/vector/syslog_setup.rb @@ -50,32 +50,10 @@ template '/etc/consul.d/service-vector-syslog.json' do notifies :reload, 'service[consul]' end -service 'cosul' do +service 'consul' do action :nothing end -template '/etc/promtail/syslog.yaml' do - owner 'root' - group 'root' - mode '644' - - variables(LOKIENDPOINT: node['promtail']['lokiendpoint']) - - notifies :restart, 'service[promtail-vector-syslog]' -end - -# Deploy `systemd` configuration for `promtail-loki`: -remote_file '/etc/systemd/system/promtail-vector-syslog.service' do - owner 'root' - group 'root' - mode '644' -end - -# Service setting: -service 'promtail-vector-syslog' do - action [ :enable, :restart ] -end - # Deploy the `logrotated` configuration: remote_file '/etc/logrotate.d/vector-syslog' do owner 'root' diff --git a/cookbooks/vector/templates/etc/promtail/syslog.yaml b/cookbooks/vector/templates/etc/promtail/syslog.yaml deleted file mode 100644 index 523bb82..0000000 --- a/cookbooks/vector/templates/etc/promtail/syslog.yaml +++ /dev/null @@ -1,133 +0,0 @@ -server: - disable: true - -positions: - filename: /var/opt/promtail/promtail_syslog_position.yaml - -clients: - - url: http://<%= @LOKIENDPOINT %>/loki/api/v1/push - -scrape_configs: - - job_name: syslog - static_configs: - - targets: - - localhost - labels: - job: syslog - __path__: /var/log/vector/*.log - - pipeline_stages: - - json: - expressions: - appname: - hostname: - level: severity - message: - timestamp: - - - labels: - appname: - hostname: - level: - - - match: - selector: '{job="syslog", level=~"(debug|DEBUG)"}' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname=~"(storageRM|sdrsInjector)"} |= "getting state for"' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname="Hostd"} |~ "(->|IpmiIfcOpenIpmiOpen|LikewiseGetDomainJoinInfo|AddVirtualMachine: VM|Solo.HttpSvc.HTTPService|VigorCallback received fault|vim.fault.InvalidPowerState|Unable to get resource settings for a powered on VM|VigorOnlineStatusCb|N7Vmacore16TimeoutExceptionE|Calculated write I/O size)"' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname="smartd"} |~ "(REALLOCATED SECTOR CT below threshold)"' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname="backup.sh"} |~ "(esx.conf|Creating archive)"' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname="Rhttpproxy"} |~ "(warning rhttpproxy|->|last log rotation time)"' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname="usbarb", level="notice"}' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new", appname="vmauthd", level="notice"}' - action: drop - - - match: - selector: '{job="syslog", hostname="esxi-new"}' - stages: - - timestamp: - source: timestamp - format: 2006-01-02T15:04:05.999Z - location: Etc/GMT - - - template: - source: level - template: '{{ regexReplaceAllLiteral "err" .Value "error" }}' - - - labeldrop: - - appname - - - output: - source: message - - - match: - selector: '{job="syslog", hostname="ubnt", appname="openvpn", level="notice"}' - action: drop - - - match: - selector: '{job="syslog", hostname="ubnt", appname="sudo", level="info"}' - action: drop - - - match: - selector: '{job="syslog", hostname="ubnt"}' - stages: - - timestamp: - source: timestamp - format: 2006-01-02T15:04:05.999Z - location: Asia/Bangkok - - - template: - source: level - template: '{{ regexReplaceAllLiteral "err" .Value "error" }}' - - - labels: - level: - hostname: - - - labeldrop: - - appname - - - output: - source: message - - - match: - selector: '{job="syslog", hostname="ds418"}' - stages: - - timestamp: - source: timestamp - format: 2006-01-02T15:04:05.999Z - location: Asia/Bangkok - - - template: - source: level - template: '{{ regexReplaceAllLiteral "err" .Value "error" }}' - - - labels: - level: - hostname: - - - labeldrop: - - appname - - - output: - source: message