From ac2da272d48449a4d94d7dec3a5e429a8e29dbb3 Mon Sep 17 00:00:00 2001
From: Daniel Aharon <daharon@sazze.com>
Date: Tue, 7 Feb 2012 09:35:10 -0800
Subject: [PATCH] Update Redhat packaging.

---
 contrib/distro/fedora/graylog2.conf           | 48 ----------
 .../graylog2-0.9.6.spec}                      | 28 +++---
 contrib/distro/redhat/graylog2.conf           | 88 +++++++++++++++++++
 .../distro/{fedora => redhat}/graylog2.drl    |  0
 .../distro/{fedora => redhat}/graylog2.init   |  2 +-
 5 files changed, 107 insertions(+), 59 deletions(-)
 delete mode 100644 contrib/distro/fedora/graylog2.conf
 rename contrib/distro/{fedora/graylog2-0.9.5p1.spec => redhat/graylog2-0.9.6.spec} (71%)
 create mode 100644 contrib/distro/redhat/graylog2.conf
 rename contrib/distro/{fedora => redhat}/graylog2.drl (100%)
 rename contrib/distro/{fedora => redhat}/graylog2.init (95%)

diff --git a/contrib/distro/fedora/graylog2.conf b/contrib/distro/fedora/graylog2.conf
deleted file mode 100644
index 377060aa6f0a..000000000000
--- a/contrib/distro/fedora/graylog2.conf
+++ /dev/null
@@ -1,48 +0,0 @@
-# On which port (UDP) should we listen for Syslog messages? (Standard: 514)
-syslog_listen_port = 514
-syslog_protocol = udp
-
-# MongoDB Configuration
-mongodb_useauth = false
-#mongodb_user = grayloguser
-#mongodb_password = 123
-mongodb_host = localhost
-#mongodb_replica_set = localhost:27017,localhost:27018,localhost:27019
-mongodb_database = graylog2
-mongodb_port = 27017
-
-# Raise this according to the maximum connections your MongoDB server can handle if 
-# you encounter MongoDB connection problems or queuing up messages.
-mongodb_max_connections = 150
-
-# Number of threads allowed to be blocked by MongoDB connections multiplier. 
-# Default: 5
-# If mongodb_max_connections is 150, and mongodb_threads_allowed_to_block_multiplier
-# is 5, then 750 threads can block. More than that and an exception will be thrown.
-# http://api.mongodb.org/java/current/com/mongodb/MongoOptions.html#threadsAllowedToBlockForConnectionMultiplier
-mongodb_threads_allowed_to_block_multiplier = 5
-
-# The (pre-allocated) size of the messages collection in bytes.  All your syslog 
-# and GELF messages are stored here. Standard: 50000000 [~50MB]
-messages_collection_size = 50000000 
-
-# Graylog Extended Log Format (GELF)
-use_gelf = true
-gelf_listen_port = 12201
-
-# Drools Rule File (Use to rewrite incoming log messages)
-# rules_file = /etc/graylog2.d/rules/graylog2.drl
-
-# AMQP
-amqp_enabled = false
-#amqp_subscribed_queues = somequeue1:gelf,somequeue2:gelf,somequeue3:syslog
-#amqp_host = localhost
-#amqp_port = 5672
-#amqp_username = guest
-#amqp_password = guest
-#amqp_virtualhost = /
-
-# Forwarders
-# Timeout in seconds for each connection and read of Logg.ly API when forwarding 
-# messages. Default: 3
-#forwarder_loggly_timeout = 3    
diff --git a/contrib/distro/fedora/graylog2-0.9.5p1.spec b/contrib/distro/redhat/graylog2-0.9.6.spec
similarity index 71%
rename from contrib/distro/fedora/graylog2-0.9.5p1.spec
rename to contrib/distro/redhat/graylog2-0.9.6.spec
index 829d631a0596..03de1abe062f 100644
--- a/contrib/distro/fedora/graylog2-0.9.5p1.spec
+++ b/contrib/distro/redhat/graylog2-0.9.6.spec
@@ -1,7 +1,7 @@
 Name:		graylog2
-Version:	0.9.5p1
+Version:	0.9.6
 Release:	1%{?dist}
-Summary:	Graylog2 is an open source log management solution that stores your logs in MongoDB.
+Summary:	Graylog2 is an open source log management solution that stores your logs in ElasticSearch.
 Group:		System Environment/Daemons 
 License:	GPLv2
 URL:		http://www.graylog2.org/
@@ -14,7 +14,7 @@ BuildRoot:	%(mktemp -ud %{_tmppath}/%{name}-server-%{version}-%{release}-XXXXXX)
 Requires:	java-1.6.0-openjdk
 
 %description
-Graylog2 is an open source syslog implementation that stores your logs in MongoDB. It consists of a server written in Java that accepts your syslog messages via TCP or UDP and stores it in the database. The second part is a Ruby on Rails web interface that allows you to view the log messages.
+Graylog2 is an open source syslog implementation that stores your logs in ElasticSearch. It consists of a server written in Java that accepts your syslog messages via TCP or UDP and stores it in the database. The second part is a Ruby on Rails web interface that allows you to view the log messages.
 
 
 %prep
@@ -26,18 +26,19 @@ Graylog2 is an open source syslog implementation that stores your logs in MongoD
 
 %install
 rm -rf $RPM_BUILD_ROOT
-%{__install} -p -D -m 0755 %{SOURCE3} %{buildroot}%{_initrddir}/%{name}
-
+# Directories
 %{__install} -p -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}
 %{__install} -p -d -m 0755 %{buildroot}%{_sysconfdir}/%{name}/rules
-%{__install} -p -D -m 0755 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/rules/%{name}.drl
-%{__install} -p -D -m 0755 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
-
 %{__install} -p -d -m 0755 %{buildroot}%{_datadir}/%{name}
-%{__install} -p -D -m 0644 %{name}-server.jar %{buildroot}%{_datadir}/%{name}/%{name}-server.jar
-
 %{__install} -p -d -m 0755 %{buildroot}%{_localstatedir}/log/%{name}
 
+# Files
+%{__install} -p -D -m 0755 %{SOURCE3} %{buildroot}%{_initrddir}/%{name}
+%{__install} -p -D -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/rules/%{name}.drl
+%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/%{name}/%{name}.conf
+
+%{__install} -p -D -m 0644 %{name}-server.jar %{buildroot}%{_datadir}/%{name}/%{name}-server.jar
+
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -69,5 +70,12 @@ fi
 
 
 %changelog
+* Mon Feb 6 2012 Daniel Aharon <daharon@sazze.com> - 0.9.6
+- Update to 0.9.6
+- Fix permissions for files/dirs.
+
+* Mon May 16 2011 Daniel Aharon <daharon@sazze.com> - 0.9.5sazze1
+- Modified Graylog2-server to better handle multiple rules in streams.
+
 * Mon May 16 2011 Daniel Aharon <daharon@sazze.com> - 0.9.5p1
 - Initial packaging for Fedora.
diff --git a/contrib/distro/redhat/graylog2.conf b/contrib/distro/redhat/graylog2.conf
new file mode 100644
index 000000000000..db7de0802fd3
--- /dev/null
+++ b/contrib/distro/redhat/graylog2.conf
@@ -0,0 +1,88 @@
+# On which port (UDP) should we listen for Syslog messages? (Standard: 514)
+syslog_listen_port = 514
+syslog_protocol = udp
+
+# ElasticSearch URL (default: http://localhost:9200/)
+elasticsearch_url = http://localhost:9200/
+elasticsearch_index_name = graylog2
+
+# Always try a reverse DNS lookup instead of parsing hostname from syslog message?
+# force_syslog_rdns = false
+# Set time to NOW if parsing date/time from syslog message failed instead of rejecting it?
+allow_override_syslog_date = true
+
+# MongoDB Configuration
+mongodb_useauth = false
+#mongodb_user = grayloguser
+#mongodb_password = 123
+mongodb_host = localhost
+#mongodb_replica_set = localhost:27017,localhost:27018,localhost:27019
+mongodb_database = graylog2
+mongodb_port = 27017
+
+# Raise this according to the maximum connections your MongoDB server can handle if 
+# you encounter MongoDB connection problems or queuing up messages.
+mongodb_max_connections = 150
+
+# Number of threads allowed to be blocked by MongoDB connections multiplier. 
+# Default: 5
+# If mongodb_max_connections is 150, and mongodb_threads_allowed_to_block_multiplier
+# is 5, then 750 threads can block. More than that and an exception will be thrown.
+# http://api.mongodb.org/java/current/com/mongodb/MongoOptions.html#threadsAllowedToBlockForConnectionMultiplier
+mongodb_threads_allowed_to_block_multiplier = 5
+
+# Graylog2 uses an internal message queue that holds all received messages until they# are indexed. The mq_batch_size parameter defines how many messages are sent
+# to ElasticSearch at once (using a _bulk update: 
+# http://www.elasticsearch.org/guide/reference/api/bulk.html) 
+# The mq_poll_freq parameter controls in which interval (in seconds) the message 
+# batch is sent. Example: If you leave the standard values 
+# (mq_batch_size = 4000, mq_poll_freq = 1), Graylog2 will index 4000 messages every 
+# second. If you have spikes with more than 4000 messages per second, the queue will 
+# start growing until you get under 4000 messages/second again. The queue is FIFO and
+# can grow until you run out of RAM. Note that the queue *only* resists in RAM, so if
+# you set the mq_poll_freq to a high value, you may lose a lot of not yet indexed 
+# messages when the server crashes. Run the server in debug mode 
+# (java -jar graylog2-server.jar --debug) with a |grep '^INFO' to see debug 
+# information about the queue and it's size. 
+# (INFO : org.graylog2.periodical.BulkIndexerThread - About to index max 4000 
+# messages. You have a total of 103 messages in the queue. [freq:1s])
+# You can also monitor the queue size in your graylog2-web-interface.
+mq_batch_size = 4000
+mq_poll_freq = 1
+
+# You can set a maximum size of the message queue. If this size is reached, all new 
+# messages will be rejected until messages are removed/indexed from the queue.
+# 0 = unlimited queue size (default)
+mq_max_size = 0
+
+# Enable realtime collection? This will additionally store information about received
+# messages in a MongoDB collection capped to 50MB size and allows to use realtime 
+# features. It usually is a good idea to keep this enabled because it should not 
+# cause much IO load.
+enable_realtime_collection = true
+
+# The (pre-allocated) size of the messages collection in bytes.  All your syslog 
+# and GELF messages are stored here. Standard: 50000000 [~50MB]
+messages_collection_size = 50000000 
+
+# Graylog Extended Log Format (GELF)
+use_gelf = true
+gelf_listen_address = 0.0.0.0
+gelf_listen_port = 12201
+
+# Drools Rule File (Use to rewrite incoming log messages)
+# rules_file = /etc/graylog2.d/rules/graylog2.drl
+
+# AMQP
+amqp_enabled = false
+#amqp_subscribed_queues = somequeue1:gelf,somequeue2:gelf,somequeue3:syslog
+#amqp_host = localhost
+#amqp_port = 5672
+#amqp_username = guest
+#amqp_password = guest
+#amqp_virtualhost = /
+
+# Forwarders
+# Timeout in seconds for each connection and read of Logg.ly API when forwarding 
+# messages. Default: 3
+#forwarder_loggly_timeout = 3    
diff --git a/contrib/distro/fedora/graylog2.drl b/contrib/distro/redhat/graylog2.drl
similarity index 100%
rename from contrib/distro/fedora/graylog2.drl
rename to contrib/distro/redhat/graylog2.drl
diff --git a/contrib/distro/fedora/graylog2.init b/contrib/distro/redhat/graylog2.init
similarity index 95%
rename from contrib/distro/fedora/graylog2.init
rename to contrib/distro/redhat/graylog2.init
index 34e21852214e..534310a5b2dd 100755
--- a/contrib/distro/fedora/graylog2.init
+++ b/contrib/distro/redhat/graylog2.init
@@ -36,7 +36,7 @@ unset pid
 gl2_run() {
   # Disable csh style history expansion for safety
   set +H
-    daemon "( $JAVA_BIN -jar -DconfigPath=$configfile \"$jar\" >\"$logfile\" 2>&1 & echo \"\$!\" >\"$pidfile\" )"
+    daemon "( $JAVA_BIN -jar \"$jar\" --configfile $configfile > \"$logfile\" 2>&1 & echo \"\$!\" > \"$pidfile\" )"
     pid=$(<"$pidfile")
   sleep 1
     if kill -0 "$pid" >/dev/null 2>&1