-
Notifications
You must be signed in to change notification settings - Fork 466
/
logmatic.conf
76 lines (74 loc) · 2.82 KB
/
logmatic.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
#############################################################################
# Copyright (c) 2015 Balabit
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 as published
# by the Free Software Foundation, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# As an additional exemption you are allowed to compile & link against the
# OpenSSL libraries as published by the OpenSSL project. See the file
# COPYING for details.
#
#############################################################################
#
# Just send all syslog to logmatic:
# log {
# source { system(); };
# destination { logmatic(token("API-KEY-AS-PROVIDED-BY-LOGMATIC")); };
# };
#
# With TLS encryption (make sure you trust the loggly CA cert by putting it
# to /etc/ssl, or create a separate CA directory):
#
# log {
# source { system(); };
# destination {
# logmatic(token("API-KEY-AS-PROVIDED-BY-LOGMATIC") port(10515)
# tls(peer-verify(required-trusted) ca-dir('/etc/ssl/certs'))
# );
# };
# };
#
# Send JSON data:
# log {
# source { system(); };
# destination {
# logmatic(token("API-KEY-AS-PROVIDED-BY-LOGMATIC")
# template("$(format-json --scope all-nv-pairs)"));
# );
# };
# };
#
# Send already parsed apache logs to logmatic:
# log {
# source { file("/var/log/apache2/access.log" flags(no-parse)); };
# parser { apache-accesslog-parser(); };
# destination {
# logmatic(token("API-KEY-AS-PROVIDED-BY-LOGMATIC")
# tag(apache)
# template("$(format-json .apache.*)"));
# };
# }
#
@requires json-plugin
block destination logmatic(token(TOKEN)
host('api.logmatic.io')
port(10514)
template("$MSG")
...) {
network("`host`" port(`port`) transport(tcp)
template("`token` <${PRI}>1 ${ISODATE} ${HOST:--} ${PROGRAM:--} ${PID:--} ${MSGID:--} ${SDATA:--} `template`\n")
template_escape(no)
so-keepalive(yes)
`__VARARGS__`
);
};