Saltstack Official Linux Formula

fluentd.yml 5.4KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172
  1. {%- if grains.get('init') == 'systemd' %}
  2. agent:
  3. plugin:
  4. fluent-plugin-systemd:
  5. deb: ['td-agent-additional-plugins']
  6. config:
  7. label:
  8. default_metric:
  9. filter:
  10. metric_failed_user:
  11. tag: metric.failed_user
  12. type: prometheus
  13. metric:
  14. - name: failed_logins_total
  15. type: counter
  16. desc: The total number of failed logins.
  17. label:
  18. - name: host
  19. value: ${Hostname}
  20. metric_out_of_memory:
  21. tag: metric.out_of_memory
  22. type: prometheus
  23. metric:
  24. - name: out_of_memory_total
  25. type: counter
  26. desc: The total number of OOM.
  27. label:
  28. - name: host
  29. value: ${Hostname}
  30. metric_hdd_errors_parse:
  31. tag: metric.hdd_errors
  32. type: parser
  33. key_name: Payload
  34. parser:
  35. type: regexp
  36. format: '/(?<device>[sv]d[a-z]+\d*)/'
  37. metric_hdd_errors:
  38. tag: metric.hdd_errors
  39. require:
  40. - metric_hdd_errors_parse
  41. type: prometheus
  42. metric:
  43. - name: hdd_errors_total
  44. type: counter
  45. desc: The total number of hdd errors.
  46. label:
  47. - name: host
  48. value: ${Hostname}
  49. - name: device
  50. value: ${device}
  51. systemd:
  52. input:
  53. systemd:
  54. type: systemd
  55. tag: systemd.source
  56. path: /run/log/journal
  57. pos_file: {{ pillar.fluentd.agent.dir.positiondb }}/systemd.source.pos
  58. entry:
  59. field_map:
  60. MESSAGE: 'Payload'
  61. _CMDLINE: 'process'
  62. _PID: 'Pid'
  63. _COMM: 'programname'
  64. _SYSTEMD_UNIT: 'service'
  65. syslog_identifier: 'ident'
  66. priority: 'Severity'
  67. field_map_strict: True
  68. fields_strip_underscores: True
  69. fields_lowercase: True
  70. filter:
  71. add_severity_label:
  72. tag: systemd.source
  73. type: record_transformer
  74. enable_ruby: true
  75. record:
  76. - name: severity_label
  77. value: '${ {"TRACE"=>8,"DEBUG"=>7,"INFO"=>6,"NOTICE"=>5,"WARNING"=>4,"ERROR"=>3,"CRITICAL"=>2,"ALERT"=>1,"EMERGENCY"=>0}.key(record["Severity"].to_i) }'
  78. match:
  79. rewrite_tag:
  80. tag: systemd.source
  81. type: rewrite_tag_filter
  82. rule:
  83. - name: ident
  84. regexp: '^(.*)$'
  85. result: __TAG__.$1
  86. push_to_default:
  87. tag: 'systemd.source.*'
  88. type: copy
  89. store:
  90. - type: relabel
  91. label: default_output
  92. - type: rewrite_tag_filter
  93. rule:
  94. - name: Payload
  95. regexp: '^Invalid user'
  96. result: metric.failed_user
  97. - name: Payload
  98. regexp: '^Out of memory'
  99. result: metric.out_of_memory
  100. - name: Payload
  101. regexp: >-
  102. 'error.*\b[sv]d[a-z]{1,2}\d{0,3}\b.*'
  103. result: metric.hdd_errors
  104. - name: Payload
  105. regexp: >-
  106. '\b[sv]d[a-z]{1,2}\d{0,3}\b.*error'
  107. result: metric.hdd_errors
  108. push_to_metric:
  109. tag: 'metric.**'
  110. type: relabel
  111. label: default_metric
  112. {%- else %}
  113. agent:
  114. config:
  115. label:
  116. default_metric:
  117. filter:
  118. metric_hdd_errors_parse:
  119. tag: metric.hdd_errors
  120. type: parser
  121. key_name: Payload
  122. parser:
  123. type: regexp
  124. format: '/(?<device>[sv]d[a-z]+\d*)/'
  125. metric_hdd_errors:
  126. tag: metric.hdd_errors
  127. require:
  128. - metric_hdd_errors_parse
  129. type: prometheus
  130. metric:
  131. - name: hdd_errors_total
  132. type: counter
  133. desc: The total number of hdd errors.
  134. label:
  135. - name: host
  136. value: ${Hostname}
  137. - name: device
  138. value: ${device}
  139. syslog:
  140. input:
  141. syslog_file:
  142. type: tail
  143. tag: linux.syslog
  144. path: /var/log/syslog
  145. pos_file: {{ pillar.fluentd.agent.dir.positiondb }}/linux_syslog.pos
  146. suppress_parse_error_log: true
  147. parser:
  148. type: regexp
  149. format: >-
  150. '/(?<Payload>.*(?<device>[sv]d[a-z]{1,2}\d{0,3}).*)/'
  151. match:
  152. push_to_default:
  153. tag: 'linux.**'
  154. type: copy
  155. store:
  156. - type: relabel
  157. label: default_output
  158. - type: rewrite_tag_filter
  159. rule:
  160. - name: Payload
  161. regexp: >-
  162. 'error.*\b[sv]d[a-z]{1,2}\d{0,3}\b.*'
  163. result: metric.hdd_errors
  164. - name: Payload
  165. regexp: >-
  166. '\b[sv]d[a-z]{1,2}\d{0,3}\b.*error'
  167. result: metric.hdd_errors
  168. push_to_metric:
  169. tag: 'metric.**'
  170. type: relabel
  171. label: default_metric
  172. {%- endif %}