ryanc/ansible
1
0
Fork 0
Code Issues 4 Pull Requests Releases Wiki Activity

promtail: add configuration

Browse Source
This commit is contained in:
Ryan Cavicchioni 2024-04-14 18:24:43 -05:00
parent e3549cf829
commit f4585ad0ee
1 changed files with 100 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

136
group_vars/all/main.yaml
View File

@ -255,51 +255,111 @@ promtail_clients:
provider: linode provider: linode
promtail_scrape_configs: promtail_scrape_configs:
- job_name: system - job_name: journal
static_configs: journal:
- targets: json: false
- localhost max_age: 12h
path: /var/log/journal
labels: labels:
job: syslog job: systemd-journal
__path__: "/var/log/syslog/{{ ansible_hostname }}/**/*.log" relabel_configs:
- job_name: nginx - source_labels:
static_configs: - __journal__systemd_unit
- targets: target_label: systemd_unit
- localhost - source_labels:
labels: - __journal_unit
job: nginx target_label: unit
host: "{{ ansible_hostname }}" - source_labels:
__path__: /var/log/nginx/*.log - __journal_priority_keyword
target_label: priority
- source_labels:
- __journal_syslog_identifier
target_label: syslog_identifier
pipeline_stages: pipeline_stages:
- match: - match:
selector: '{job="nginx"}' selector: '{systemd_unit=~"(alertmanager|blackbox_exporter|grafana|karma|kthxbye|loki|mimir|node_exporter|prometheus|promtail|pushgateway|thanos).+"}'
stages:
- logfmt:
mapping:
level:
ts:
- timestamp:
source: ts
format: RFC3339Nano
- timestamp:
source: t
format: RFC3339Nano
- labels:
priority: level
- job_name: nginx-access
static_configs:
- targets:
- localhost
labels:
job: nginx-access
__path__: /var/log/nginx/*.access.log
pipeline_stages:
- match:
selector: '{job="nginx-access"}'
stages: stages:
- regex: - regex:
expression: '^(?P<remote_addr>[^ ]+) - (?P<remote_user>[^ ]*) \[(?P<time_local>.*)\] "(?P<method>[^ ]*) (?P<request>[^ ]*) (?P<protocol>[^ ]*)" (?P<status>[\d]+) (?P<body_bytes_sent>[\d]+) "(?P<http_referer>[^"]*)" "(?P<http_user_agent>[^"]*)"?' expression: ^(?P<hostname>[0-9A-Za-z\.:-]+) (?P<remote_addr>[0-9A-Za-z\.:-]+) (?P<remote_logname>[0-9A-Za-z-]+) (?P<remote_username>[0-9A-Za-z-]+) \[(?P<timestamp>\d{2}\/\w{3}\/\d{4}:\d{2}:\d{2}:\d{2} (\+|-)\d{4})\] "(?P<request_method>[A-Z]+) (?P<URI>\S+) (?P<http_version>HTTP\/[0-9\.]+)" (?P<request_status>\d{3})
- metrics: - timestamp:
nginx_requests_total: source: timestamp
type: Counter format: "02/Jan/2006:15:04:05 -0700"
description: requests in nginx access logs
source: method
config:
action: inc
- labels: - labels:
#remote_addr: hostname:
#remote_user: method: request_method
#time_local: status: request_status
method: version: http_version
#request: - job_name: nginx-error
#protocol: static_configs:
status: - targets:
body_bytes_sent: - localhost
#http_referer: labels:
#http_user_agent: job: nginx-error
__path__: /var/log/nginx/*.error.log
pipeline_stages:
- match:
selector: '{job="nginx-error"}'
stages:
- regex:
expression: '^(?P<timestamp>\d{4}\/\d{2}\/\d{2} \d{2}:\d{2}:\d{2}) \[(?P<priority>\w+)\] (?P<pid>\d+)\#(?P<tid>\d+): (?:\*(?P<cid>\d+))?'
- labels:
priority:
- timestamp:
source: timestamp
format: "2023/08/16 02:43:32"
- regex:
expression: 'host: "(?P<hostname>[0-9A-Za-z\.:-]+)"'
- labels:
hostname:
- job_name: syslog
syslog:
listen_address: 0.0.0.0:1514
listen_protocol: tcp
idle_timeout: 60s
label_structured_data: true
labels:
job: syslog
pipeline_stages:
- match:
selector: '{host=~"ap0|coresw0|fw0|power0|172\\."}'
stages:
- static_labels:
region: home
provider: home
loki_service_enabled: false relabel_configs:
loki_service_state: stopped - source_labels:
- __syslog_message_hostname
promtail_service_enabled: false target_label: host
promtail_service_state: stopped - source_labels:
- __syslog_message_severity
target_label: priority
- source_labels:
- __syslog_message_app_name
target_label: syslog_identifier
influxdb_service_enabled: false influxdb_service_enabled: false
influxdb_service_state: stopped influxdb_service_state: stopped