-
Notifications
You must be signed in to change notification settings - Fork 465
/
loggly.conf
79 lines (76 loc) · 2.69 KB
/
loggly.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
#############################################################################
# Copyright (c) 2015 Balabit
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License version 2 as published
# by the Free Software Foundation, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
# As an additional exemption you are allowed to compile & link against the
# OpenSSL libraries as published by the OpenSSL project. See the file
# COPYING for details.
#
#############################################################################
# EXAMPLES:
#
# Just send all syslog to loggly:
# log {
# source { system(); };
# destination { loggly(token("USER-TOKEN-AS-PROVIDED-BY-LOGGLY")); };
# };
#
# With TLS encryption (make sure you trust the loggly CA cert by putting it
# to /etc/ssl, or create a separate CA directory):
#
# log {
# destination {
# loggly(token("USER-TOKEN-AS-PROVIDED-BY-LOGGLY") port(6514) transport(tls)
# tls(peer-verify(required-trusted) ca-dir('/etc/ssl/certs'))
# );
# };
# };
#
#
# Send JSON data:
# log {
# source { system(); };
# destination {
# loggly(token("USER-TOKEN-AS-PROVIDED-BY-LOGGLY")
# template("$(format-json --scope all-nv-pairs)"));
# );
# };
# };
#
#
# Send already parsed apache logs to loggly:
# log {
# source { file("/var/log/apache2/access.log" flags(no-parse)); };
# parser { apache-accesslog-parser(); };
# destination {
# loggly(token("USER-TOKEN-AS-PROVIDED-BY-LOGGLY")
# tag(apache)
# template("$(format-json .apache.* timestamp=${ISODATE})"));
# };
# }
#
@requires json-plugin
block destination loggly(token(TOKEN)
tag("tag")
host('logs-01.loggly.com')
port(514)
transport(tcp)
template("$MSG") ...) {
network("`host`" port(`port`) transport(`transport`)
template("<${PRI}>1 ${ISODATE} ${HOST} ${PROGRAM} ${PID} ${MSGID} [`token`@41058 tag=\"`tag`\"] `template`\n")
template_escape(no)
`__VARARGS__`
);
};