feat: add logstash patterns for grok
This commit is contained in:
parent
237e9f7a20
commit
47bdc407b9
4 changed files with 36 additions and 0 deletions
|
|
@ -5,6 +5,10 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
|
|||
|
||||
## [Unreleased]
|
||||
|
||||
### Added
|
||||
|
||||
- feat: add logstash patterns for grok
|
||||
|
||||
### Changed
|
||||
|
||||
- change logstash_inputs variable: dict to array
|
||||
|
|
|
|||
10
README.md
10
README.md
|
|
@ -55,6 +55,16 @@ Install and configure logstash
|
|||
}
|
||||
```
|
||||
|
||||
- `logstash_pattern` hash with grok patterns
|
||||
|
||||
```
|
||||
postfix: |
|
||||
# Syslog stuff
|
||||
PROCESS ([\w._\/%-]+)
|
||||
COMPID postfix\/%{PROCESS:process}(?:\[%{NUMBER:pid}\])?
|
||||
POSTFIX (?:%{SYSLOGTIMESTAMP:timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{COMPID}:
|
||||
```
|
||||
|
||||
## How to use
|
||||
|
||||
```
|
||||
|
|
|
|||
|
|
@ -9,3 +9,4 @@ logstash_full_config: '{{ logstash_default_config|combine(logstash_config, recur
|
|||
logstash_inputs: []
|
||||
logstash_outputs: []
|
||||
logstash_filters: []
|
||||
logstash_patterns: {}
|
||||
|
|
|
|||
|
|
@ -42,6 +42,27 @@
|
|||
notify: restart logstash
|
||||
tags: logstash
|
||||
|
||||
- name: create patterns directory
|
||||
file:
|
||||
path: /etc/logstash/patterns
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0755
|
||||
state: directory
|
||||
tags: logstash
|
||||
|
||||
- name: copy patterns files
|
||||
copy:
|
||||
content: '{{ item.value }}'
|
||||
dest: '/etc/logstash/patterns/{{ item.key }}.conf'
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
loop: '{{ logstash_patterns|dict2items }}'
|
||||
loop_control:
|
||||
label: '{{ item.key }}'
|
||||
tags: logstash
|
||||
|
||||
- name: copy input, output and filter files
|
||||
template:
|
||||
src: '{{ item }}.conf.j2'
|
||||
|
|
|
|||
Loading…
Reference in a new issue