Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @version: 3.7
- @include "scl.conf"
- @module mod-java
- destination d_elastic {
- java(
- class_path("/usr/local/lib/syslog-ng/java-modules/elastic.jar:/usr/share/elasticsearch/lib/*.jar:/usr/local/lib/syslog-ng/java-modules/*.jar")
- class_name("org.syslog_ng.elasticsearch.ElasticSearchDestination")
- option("index", "syslog-ng_${YEAR}.${MONTH}.${DAY}")
- option("IP", "${SOURCEIP}")
- option("type", "test")
- );
- };
- source s_tls {
- syslog(
- port(7777)
- transport("tls")
- keep_hostname(yes)
- tls(
- key-file("/usr/local/etc/syslog-ng/key.d/server.key")
- cert-file("/usr/local/etc/syslog-ng/cert.d/server.crt")
- peer-verify(optional-untrusted)
- )
- );
- };
- rewrite r_ip{
- set("${SOURCEIP}", value(".SDATA.meta.IP"));
- };
- parser p_geoip{
- geoip( "${SOURCEIP}", prefix( ".SDATA.meta.geoip."));
- };
- rewrite r_geoip {
- set("${.SDATA.meta.geoip.latitude},${.SDATA.meta.geoip.longitude}", value(".SDATA.meta.geoip.location"));
- };
- log {
- source(s_tls);
- rewrite(r_ip);
- parser(p_geoip);
- rewrite(r_geoip);
- destination(d_elastic);
- };
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
