kazu634
/
itamae
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

housekeep-promtail-config-for-vector #14

Merged
kazu634 merged 5 commits from housekeep-promtail-config-for-vector into main 2024-04-03 07:11:24 +00:00
Conversation 0 Commits 5 Files Changed 4 +2 -169
4 changed files with 2 additions and 169 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cookbooks/vector/files/etc/systemd/system/promtail-vector-syslog.service
View File

@ -1,12 +0,0 @@
[Unit]
Description=Grafana Promtail
Documentation=https://github.com/grafana/loki
After=network-online.target
[Service]
User=root
Restart=always
ExecStart=/usr/local/bin/promtail --config.file=/etc/promtail/syslog.yaml
[Install]
WantedBy=multi-user.target

2
cookbooks/vector/files/etc/vector/syslog.toml
View File

@ -25,7 +25,7 @@ data_dir = "/var/lib/vector"
[sinks.send-logs] [sinks.send-logs]
type = "loki" type = "loki"
inputs = ["filter-syslog"] inputs = ["filter-syslog"]
endpoint = "http://192.168.10.101:3100" endpoint = "http://loki.service.consul:3100"
healthcheck = true healthcheck = true
remove_timestamp = true remove_timestamp = true

24
cookbooks/vector/syslog_setup.rb
View File

@ -50,32 +50,10 @@ template '/etc/consul.d/service-vector-syslog.json' do
notifies :reload, 'service[consul]' notifies :reload, 'service[consul]'
end end
service 'cosul' do service 'consul' do
action :nothing action :nothing
end end
template '/etc/promtail/syslog.yaml' do
owner 'root'
group 'root'
mode '644'
variables(LOKIENDPOINT: node['promtail']['lokiendpoint'])
notifies :restart, 'service[promtail-vector-syslog]'
end
# Deploy `systemd` configuration for `promtail-loki`:
remote_file '/etc/systemd/system/promtail-vector-syslog.service' do
owner 'root'
group 'root'
mode '644'
end
# Service setting:
service 'promtail-vector-syslog' do
action [ :enable, :restart ]
end
# Deploy the `logrotated` configuration: # Deploy the `logrotated` configuration:
remote_file '/etc/logrotate.d/vector-syslog' do remote_file '/etc/logrotate.d/vector-syslog' do
owner 'root' owner 'root'

133
cookbooks/vector/templates/etc/promtail/syslog.yaml
View File

@ -1,133 +0,0 @@
server:
disable: true
positions:
filename: /var/opt/promtail/promtail_syslog_position.yaml
clients:
- url: http://<%= @LOKIENDPOINT %>/loki/api/v1/push
scrape_configs:
- job_name: syslog
static_configs:
- targets:
- localhost
labels:
job: syslog
__path__: /var/log/vector/*.log
pipeline_stages:
- json:
expressions:
appname:
hostname:
level: severity
message:
timestamp:
- labels:
appname:
hostname:
level:
- match:
selector: '{job="syslog", level=~"(debug|DEBUG)"}'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname=~"(storageRM|sdrsInjector)"} |= "getting state for"'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname="Hostd"} |~ "(->|IpmiIfcOpenIpmiOpen|LikewiseGetDomainJoinInfo|AddVirtualMachine: VM|Solo.HttpSvc.HTTPService|VigorCallback received fault|vim.fault.InvalidPowerState|Unable to get resource settings for a powered on VM|VigorOnlineStatusCb|N7Vmacore16TimeoutExceptionE|Calculated write I/O size)"'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname="smartd"} |~ "(REALLOCATED SECTOR CT below threshold)"'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname="backup.sh"} |~ "(esx.conf|Creating archive)"'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname="Rhttpproxy"} |~ "(warning rhttpproxy|->|last log rotation time)"'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname="usbarb", level="notice"}'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new", appname="vmauthd", level="notice"}'
action: drop
- match:
selector: '{job="syslog", hostname="esxi-new"}'
stages:
- timestamp:
source: timestamp
format: 2006-01-02T15:04:05.999Z
location: Etc/GMT
- template:
source: level
template: '{{ regexReplaceAllLiteral "err" .Value "error" }}'
- labeldrop:
- appname
- output:
source: message
- match:
selector: '{job="syslog", hostname="ubnt", appname="openvpn", level="notice"}'
action: drop
- match:
selector: '{job="syslog", hostname="ubnt", appname="sudo", level="info"}'
action: drop
- match:
selector: '{job="syslog", hostname="ubnt"}'
stages:
- timestamp:
source: timestamp
format: 2006-01-02T15:04:05.999Z
location: Asia/Bangkok
- template:
source: level
template: '{{ regexReplaceAllLiteral "err" .Value "error" }}'
- labels:
level:
hostname:
- labeldrop:
- appname
- output:
source: message
- match:
selector: '{job="syslog", hostname="ds418"}'
stages:
- timestamp:
source: timestamp
format: 2006-01-02T15:04:05.999Z
location: Asia/Bangkok
- template:
source: level
template: '{{ regexReplaceAllLiteral "err" .Value "error" }}'
- labels:
level:
hostname:
- labeldrop:
- appname
- output:
source: message