12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152 |
- { config, pkgs, lib, ... }:
-
- let
-
- nginxGlobalLogging = ''
- log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
- '"remote_addr": "$remote_addr", '
- '"body_bytes_sent": $body_bytes_sent, '
- '"request_time": $request_time, '
- '"response_status": $status, '
- '"request": "$request", '
- '"request_method": "$request_method", '
- '"host": "$host",'
- '"upstream_cache_status": "$upstream_cache_status",'
- '"upstream_addr": "$upstream_addr",'
- '"http_x_forwarded_for": "$http_x_forwarded_for",'
- '"http_referrer": "$http_referer", '
- '"http_user_agent": "$http_user_agent" }';
-
- # replace the hostnames with the IP or hostname of your Graylog2 server
- access_log syslog:server=graylog.server.org:12301 graylog2_json;
- error_log syslog:server=graylog.server.org:12302;
- '';
-
- in
- {
-
- # add central logging
- services.journalbeat = {
- enable = true;
- extraConfig = ''
- journalbeat:
- seek_position: cursor
- cursor_seek_fallback: tail
- write_cursor_state: true
- cursor_flush_period: 5s
- clean_field_names: true
- convert_to_numbers: false
- move_metadata_to_field: journal
- default_type: journal
- kernel: true
- output.logstash:
- # Boolean flag to enable or disable the output module.
- enabled: true
- hosts: ["logging.serv.zentralwerk.org:5044", "172.20.73.13:5044"]
- '';
- };
-
- services.prometheus.exporters.node.enable = true;
- services.prometheus.exporters.node.openFirewall = true;
-
- }
|