feat: add logstash patterns for grok

CHANGELOG.md

@@ -5,6 +5,10 @@ Which is based on [Keep A Changelog](http://keepachangelog.com/)
 
 ## [Unreleased]
 
+### Added
+
+- feat: add logstash patterns for grok
+
 ### Changed
 
 - change logstash_inputs variable: dict to array

README.md

@@ -55,6 +55,16 @@ Install and configure logstash
     }
 ```
 
+- `logstash_pattern` hash with grok patterns
+
+```
+  postfix: |
+    # Syslog stuff
+    PROCESS ([\w._\/%-]+)
+    COMPID postfix\/%{PROCESS:process}(?:\[%{NUMBER:pid}\])?
+    POSTFIX (?:%{SYSLOGTIMESTAMP:timestamp}|%{TIMESTAMP_ISO8601:timestamp8601}) (?:%{SYSLOGFACILITY} )?%{SYSLOGHOST:logsource} %{COMPID}:
+```
+
 ## How to use
 
 ```

defaults/main.yml

@@ -9,3 +9,4 @@ logstash_full_config: '{{ logstash_default_config|combine(logstash_config, recur
 logstash_inputs: []
 logstash_outputs: []
 logstash_filters: []
+logstash_patterns: {}

tasks/main.yml

@@ -42,6 +42,27 @@
   notify: restart logstash
   tags: logstash
 
+- name: create patterns directory
+  file:
+    path: /etc/logstash/patterns
+    owner: root
+    group: root
+    mode: 0755
+    state: directory
+  tags: logstash
+
+- name: copy patterns files
+  copy:
+    content: '{{ item.value }}'
+    dest: '/etc/logstash/patterns/{{ item.key }}.conf'
+    owner: root
+    group: root
+    mode: 0644
+  loop: '{{ logstash_patterns|dict2items }}'
+  loop_control:
+    label: '{{ item.key }}'
+  tags: logstash
+
 - name: copy input, output and filter files
   template:
     src: '{{ item }}.conf.j2'