fluent-plugin-papertrail 0.2.3 → 0.2.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/docker/Dockerfile +4 -2
- data/docker/conf/fluent.conf +2 -2
- data/docker/conf/kubernetes.conf +20 -20
- data/docker/conf/systemd.conf +17 -7
- data/fluent-plugin-papertrail.gemspec +1 -1
- data/kubernetes/fluentd-daemonset-papertrail.yaml +4 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3413dd7623c0aab24484393559a57199331c9830
|
4
|
+
data.tar.gz: 0f21d2987c62bc31dd38c35bcec83dcce3bc6821
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f31eab178bfbed278862bbc68e18f2493e1fc9ab60b84a8f2dbb67ed4a3f8a0b74cb1587c5111cae65ebc14ad9d351731a37eb86178ab06ba366402d41ef7156
|
7
|
+
data.tar.gz: 33eec86f6cbee0ff4f0bdc91c41028f3d3371aece5b71c6b82d8dcfc8db9c61e8248d0556f692e347c05055e4ee77976bcea9631bc91e987e5a68e24d647b519
|
data/docker/Dockerfile
CHANGED
@@ -12,9 +12,11 @@ RUN apt-get update \
|
|
12
12
|
|
13
13
|
RUN echo 'gem: --no-document' >> /etc/gemrc \
|
14
14
|
&& gem install fluent-plugin-systemd -v 0.3.1 \
|
15
|
-
&& gem install fluent-plugin-rewrite-tag-filter -v
|
15
|
+
&& gem install fluent-plugin-rewrite-tag-filter -v 2.0.2 \
|
16
16
|
&& gem install fluent-plugin-papertrail -v 0.2.3 \
|
17
|
-
&& gem install fluent-plugin-
|
17
|
+
&& gem install fluent-plugin-loggly-anno -v 0.0.2 \
|
18
|
+
&& gem install fluent-plugin-kubernetes_metadata_input -v 0.21.11 \
|
19
|
+
&& gem install fluent-plugin-kubernetes_metadata_filter -v 2.0.0
|
18
20
|
|
19
21
|
RUN SUDO_FORCE_REMOVE=yes \
|
20
22
|
apt-get purge -y --auto-remove \
|
data/docker/conf/fluent.conf
CHANGED
@@ -3,14 +3,14 @@
|
|
3
3
|
|
4
4
|
## Capture audit logs
|
5
5
|
#<match kube-apiserver-audit>
|
6
|
-
# type papertrail
|
6
|
+
# @type papertrail
|
7
7
|
#
|
8
8
|
# papertrail_host "#{ENV['FLUENT_PAPERTRAIL_AUDIT_HOST']}"
|
9
9
|
# papertrail_port "#{ENV['FLUENT_PAPERTRAIL_AUDIT_PORT']}"
|
10
10
|
#</match>
|
11
11
|
|
12
12
|
<match **>
|
13
|
-
type papertrail
|
13
|
+
@type papertrail
|
14
14
|
|
15
15
|
papertrail_host "#{ENV['FLUENT_PAPERTRAIL_HOST']}"
|
16
16
|
papertrail_port "#{ENV['FLUENT_PAPERTRAIL_PORT']}"
|
data/docker/conf/kubernetes.conf
CHANGED
@@ -1,9 +1,9 @@
|
|
1
1
|
<match fluent.**>
|
2
|
-
type null
|
2
|
+
@type null
|
3
3
|
</match>
|
4
4
|
|
5
5
|
<source>
|
6
|
-
type tail
|
6
|
+
@type tail
|
7
7
|
path /var/log/containers/*.log
|
8
8
|
pos_file /var/log/fluentd-containers.log.pos
|
9
9
|
time_format %Y-%m-%dT%H:%M:%S.%NZ
|
@@ -13,7 +13,7 @@
|
|
13
13
|
</source>
|
14
14
|
|
15
15
|
<source>
|
16
|
-
type tail
|
16
|
+
@type tail
|
17
17
|
format /^(?<time>[^ ]* [^ ,]*)[^\[]*\[[^\]]*\]\[(?<severity>[^ \]]*) *\] (?<message>.*)$/
|
18
18
|
time_format %Y-%m-%d %H:%M:%S
|
19
19
|
path /var/log/salt/minion
|
@@ -22,7 +22,7 @@
|
|
22
22
|
</source>
|
23
23
|
|
24
24
|
<source>
|
25
|
-
type tail
|
25
|
+
@type tail
|
26
26
|
format syslog
|
27
27
|
path /var/log/startupscript.log
|
28
28
|
pos_file /var/log/fluentd-startupscript.log.pos
|
@@ -30,7 +30,7 @@
|
|
30
30
|
</source>
|
31
31
|
|
32
32
|
<source>
|
33
|
-
type tail
|
33
|
+
@type tail
|
34
34
|
format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
|
35
35
|
path /var/log/docker.log
|
36
36
|
pos_file /var/log/fluentd-docker.log.pos
|
@@ -38,7 +38,7 @@
|
|
38
38
|
</source>
|
39
39
|
|
40
40
|
<source>
|
41
|
-
type tail
|
41
|
+
@type tail
|
42
42
|
format none
|
43
43
|
path /var/log/etcd.log
|
44
44
|
pos_file /var/log/fluentd-etcd.log.pos
|
@@ -46,7 +46,7 @@
|
|
46
46
|
</source>
|
47
47
|
|
48
48
|
<source>
|
49
|
-
type tail
|
49
|
+
@type tail
|
50
50
|
format kubernetes
|
51
51
|
multiline_flush_interval 5s
|
52
52
|
path /var/log/kubelet.log
|
@@ -55,7 +55,7 @@
|
|
55
55
|
</source>
|
56
56
|
|
57
57
|
<source>
|
58
|
-
type tail
|
58
|
+
@type tail
|
59
59
|
format kubernetes
|
60
60
|
multiline_flush_interval 5s
|
61
61
|
path /var/log/kube-proxy.log
|
@@ -64,7 +64,7 @@
|
|
64
64
|
</source>
|
65
65
|
|
66
66
|
<source>
|
67
|
-
type tail
|
67
|
+
@type tail
|
68
68
|
format kubernetes
|
69
69
|
multiline_flush_interval 5s
|
70
70
|
path /var/log/kube-apiserver.log
|
@@ -73,7 +73,7 @@
|
|
73
73
|
</source>
|
74
74
|
|
75
75
|
<source>
|
76
|
-
type tail
|
76
|
+
@type tail
|
77
77
|
format kubernetes
|
78
78
|
multiline_flush_interval 5s
|
79
79
|
path /var/log/kube-controller-manager.log
|
@@ -82,7 +82,7 @@
|
|
82
82
|
</source>
|
83
83
|
|
84
84
|
<source>
|
85
|
-
type tail
|
85
|
+
@type tail
|
86
86
|
format kubernetes
|
87
87
|
multiline_flush_interval 5s
|
88
88
|
path /var/log/kube-scheduler.log
|
@@ -91,7 +91,7 @@
|
|
91
91
|
</source>
|
92
92
|
|
93
93
|
<source>
|
94
|
-
type tail
|
94
|
+
@type tail
|
95
95
|
format kubernetes
|
96
96
|
multiline_flush_interval 5s
|
97
97
|
path /var/log/rescheduler.log
|
@@ -100,7 +100,7 @@
|
|
100
100
|
</source>
|
101
101
|
|
102
102
|
<source>
|
103
|
-
type tail
|
103
|
+
@type tail
|
104
104
|
format kubernetes
|
105
105
|
multiline_flush_interval 5s
|
106
106
|
path /var/log/glbc.log
|
@@ -109,7 +109,7 @@
|
|
109
109
|
</source>
|
110
110
|
|
111
111
|
<source>
|
112
|
-
type tail
|
112
|
+
@type tail
|
113
113
|
format kubernetes
|
114
114
|
multiline_flush_interval 5s
|
115
115
|
path /var/log/cluster-autoscaler.log
|
@@ -121,7 +121,7 @@
|
|
121
121
|
# 2017-02-09T00:15:57.992775796Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" ip="104.132.1.72" method="GET" user="kubecfg" as="<self>" asgroups="<lookup>" namespace="default" uri="/api/v1/namespaces/default/pods"
|
122
122
|
# 2017-02-09T00:15:57.993528822Z AUDIT: id="90c73c7c-97d6-4b65-9461-f94606ff825f" response="200"
|
123
123
|
<source>
|
124
|
-
type tail
|
124
|
+
@type tail
|
125
125
|
format multiline
|
126
126
|
multiline_flush_interval 5s
|
127
127
|
format_firstline /^\S+\s+AUDIT:/
|
@@ -139,13 +139,12 @@
|
|
139
139
|
</source>
|
140
140
|
|
141
141
|
<filter kubernetes.**>
|
142
|
-
type kubernetes_metadata
|
143
|
-
|
144
|
-
annotation_match ["solarwinds.io/papertrail_*"]
|
142
|
+
@type kubernetes_metadata
|
143
|
+
annotation_match ["solarwinds.io/*"]
|
145
144
|
</filter>
|
146
145
|
|
147
146
|
<filter kube-apiserver-audit>
|
148
|
-
type record_transformer
|
147
|
+
@type record_transformer
|
149
148
|
enable_ruby true
|
150
149
|
<record>
|
151
150
|
hostname #{ENV['FLUENT_HOSTNAME']}
|
@@ -159,7 +158,7 @@
|
|
159
158
|
# append namespace and pod name to hostname, so that logs in Papertrail are filterable by each
|
160
159
|
# use container name as program name, but trim it to 32 characters to match remote_syslog spec
|
161
160
|
<filter kubernetes.**>
|
162
|
-
type record_transformer
|
161
|
+
@type record_transformer
|
163
162
|
enable_ruby true
|
164
163
|
<record>
|
165
164
|
hostname #{ENV['FLUENT_HOSTNAME']}-${record["kubernetes"]["namespace_name"]}-${record["kubernetes"]["pod_name"]}
|
@@ -168,4 +167,5 @@
|
|
168
167
|
facility local0
|
169
168
|
message ${record['log']}
|
170
169
|
</record>
|
170
|
+
remove_keys ["log"]
|
171
171
|
</filter>
|
data/docker/conf/systemd.conf
CHANGED
@@ -1,16 +1,27 @@
|
|
1
1
|
<source>
|
2
2
|
@type systemd
|
3
|
-
pos_file /var/log/fluentd-journald-systemd.pos
|
4
|
-
read_from_head true
|
5
|
-
strip_underscores true
|
6
3
|
tag systemd
|
4
|
+
read_from_head true
|
5
|
+
<storage>
|
6
|
+
@type local
|
7
|
+
persistent true
|
8
|
+
path /var/log/fluentd-journald-systemd.pos
|
9
|
+
</storage>
|
7
10
|
</source>
|
8
11
|
|
9
12
|
# rewrite tags as systemd.* for the specefic SYSTEMD_UNIT, then we can filter specifically on kubelet and docker below
|
10
13
|
<match systemd>
|
11
14
|
@type rewrite_tag_filter
|
12
|
-
|
13
|
-
|
15
|
+
<rule>
|
16
|
+
key SYSTEMD_UNIT
|
17
|
+
pattern /^kubelet.service$/
|
18
|
+
tag systemd.kubelet
|
19
|
+
</rule>
|
20
|
+
<rule>
|
21
|
+
key SYSTEMD_UNIT
|
22
|
+
pattern /^docker.service$/
|
23
|
+
tag systemd.docker
|
24
|
+
</rule>
|
14
25
|
</match>
|
15
26
|
|
16
27
|
# toss all other systemd logs in the bin
|
@@ -32,11 +43,10 @@
|
|
32
43
|
</filter>
|
33
44
|
|
34
45
|
<filter systemd.docker>
|
35
|
-
type parser
|
46
|
+
@type parser
|
36
47
|
format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
|
37
48
|
reserve_data true
|
38
49
|
key_name MESSAGE
|
39
|
-
suppress_parse_error_log true
|
40
50
|
</filter>
|
41
51
|
|
42
52
|
<filter systemd.docker>
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
|
5
5
|
Gem::Specification.new do |spec|
|
6
6
|
spec.name = "fluent-plugin-papertrail"
|
7
|
-
spec.version = "0.2.
|
7
|
+
spec.version = "0.2.4"
|
8
8
|
spec.authors = ["Jonathan Lozinski", "Alex Ouzounis", "Chris Rust"]
|
9
9
|
spec.email = ["jonathan.lozinski@solarwinds.com", "alex.ouzounis@solarwinds.com", "chris.rust@solarwinds.com"]
|
10
10
|
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-papertrail
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Jonathan Lozinski
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: exe
|
12
12
|
cert_chain: []
|
13
|
-
date: 2018-
|
13
|
+
date: 2018-05-09 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: fluentd
|