23
7
Fork 3
nix-config/lib/logging.nix

53 Zeilen
1.7 KiB
Nix

{ config, pkgs, lib, ... }:
let
nginxGlobalLogging = ''
log_format graylog2_json escape=json '{ "timestamp": "$time_iso8601", '
'"remote_addr": "$remote_addr", '
'"body_bytes_sent": $body_bytes_sent, '
'"request_time": $request_time, '
'"response_status": $status, '
'"request": "$request", '
'"request_method": "$request_method", '
'"host": "$host",'
'"upstream_cache_status": "$upstream_cache_status",'
'"upstream_addr": "$upstream_addr",'
'"http_x_forwarded_for": "$http_x_forwarded_for",'
'"http_referrer": "$http_referer", '
'"http_user_agent": "$http_user_agent" }';
# replace the hostnames with the IP or hostname of your Graylog2 server
access_log syslog:server=graylog.server.org:12301 graylog2_json;
error_log syslog:server=graylog.server.org:12302;
'';
in
{
# add central logging
services.journalbeat = {
enable = true;
extraConfig = ''
journalbeat:
seek_position: cursor
cursor_seek_fallback: tail
write_cursor_state: true
cursor_flush_period: 5s
clean_field_names: true
convert_to_numbers: false
move_metadata_to_field: journal
default_type: journal
kernel: true
output.logstash:
# Boolean flag to enable or disable the output module.
enabled: true
hosts: ["logging.serv.zentralwerk.org:5044", "172.20.73.13:5044"]
'';
};
services.prometheus.exporters.node.enable = true;
services.prometheus.exporters.node.openFirewall = true;
}