61 lines
1.7 KiB
Django/Jinja
61 lines
1.7 KiB
Django/Jinja
loki.source.journal "system" {
|
|
forward_to = [loki.write.default.receiver]
|
|
labels = {
|
|
job = "systemd-journal",
|
|
host = "beepi",
|
|
}
|
|
}
|
|
|
|
local.file_match "fail2ban" {
|
|
path_targets = [{"__path__" = "/var/log/fail2ban.log", job = "fail2ban", host = "beepi"}]
|
|
}
|
|
|
|
local.file_match "varlog" {
|
|
path_targets = [{"__path__" = "/var/log/*.log", job = "varlog", "__path_exclude__" = "/var/log/fail2ban.log", host = "beepi"}]
|
|
}
|
|
|
|
loki.source.file "varlog" {
|
|
targets = local.file_match.varlog.targets
|
|
forward_to = [loki.write.default.receiver]
|
|
}
|
|
|
|
loki.source.file "fail2ban_source" {
|
|
targets = local.file_match.fail2ban.targets
|
|
forward_to = [loki.process.geoip.receiver]
|
|
}
|
|
|
|
loki.process "geoip" {
|
|
forward_to = [loki.write.default.receiver]
|
|
stage.regex {
|
|
expression = `^.*:\s(?<level>\w*)\s*\[(?<service>\w*)\]\s(?<type>\w*)\s(?<ip>(?:(?:2(?:[0-4][0-9]|5[0-5])|[0-1]?[0-9]?[0-9])\.){3}(?:(?:2([0-4][0-9]|5[0-5])|[0-1]?[0-9]?[0-9]))).*$`
|
|
labels_from_groups = true
|
|
}
|
|
|
|
stage.geoip {
|
|
db = "/opt/database/GeoLite2-City.mmdb"
|
|
source = "ip"
|
|
db_type = "city"
|
|
}
|
|
|
|
stage.labels {
|
|
values = {
|
|
geoip_city_name = "",
|
|
geoip_country_name = "",
|
|
geoip_country_code = "",
|
|
geoip_continent_name = "",
|
|
geoip_continent_code = "",
|
|
geoip_location_latitude = "",
|
|
geoip_location_longitude = "",
|
|
geoip_postal_code = "",
|
|
geoip_timezone = "",
|
|
geoip_subdivision_name = "",
|
|
geoip_subdivision_code = "",
|
|
}
|
|
}
|
|
}
|
|
|
|
loki.write "default" {
|
|
endpoint {
|
|
url = "http://loki:3100/loki/api/v1/push"
|
|
}
|
|
} |