Skip to content
Message filter plugin to reverse lookup the source field
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
src
.gitignore
.travis.yml
LICENSE
README.md
pom.xml

README.md

DNS Resolver Plugin for Graylog

Build Status

This message filter plugin can be used to do DNS lookups for the source field in Graylog messages.

Required Graylog version: 2.4.0 and later

Please use version 1.1.2 of this plugin if you are still running Graylog 1.x

Installation

Download the plugin and place the .jar file in your Graylog plugin directory. The plugin directory is the plugins/ folder relative from your graylog-server directory by default and can be configured in your graylog.conf file.

Restart graylog-server and you are done.

Configuration

The following configuration options can be added to the Graylog configuration file.

  • dns_resolver_enabled -- Set to true if the message filter should be run. (default false)
  • dns_resolver_run_before_extractors -- Set to true if the DNS lookup should be done before running extractors. (default true)
  • dns_resolver_timeout -- The timeout for the DNS lookup. (default 2s)

Build

This project is using Maven and requires Java 8 or higher.

You can build a plugin (JAR) with mvn package.

DEB and RPM packages can be build with mvn jdeb:jdeb and mvn rpm:rpm respectively.

Plugin Release

We are using the maven release plugin:

$ mvn release:prepare
[...]
$ mvn release:perform

This sets the version numbers, creates a tag and pushes to GitHub. TravisCI will build the release artifacts and upload to GitHub automatically.

You can’t perform that action at this time.