57 lines
1.5 KiB
Django/Jinja
57 lines
1.5 KiB
Django/Jinja
server:
|
|
http_listen_port: 9080
|
|
grpc_listen_port: 0
|
|
|
|
positions:
|
|
filename: /var/lib/promtail/positions.yaml
|
|
|
|
clients:
|
|
- url: {{ loki_url }}/loki/api/v1/push
|
|
tenant_id: home-infra
|
|
batchwait: 1s
|
|
batchsize: 1048576
|
|
timeout: 10s
|
|
|
|
scrape_configs:
|
|
# Syslog listener for network devices
|
|
- job_name: syslog
|
|
syslog:
|
|
listen_address: 0.0.0.0:514
|
|
listen_protocol: udp
|
|
idle_timeout: 60s
|
|
label_structured_data: true
|
|
labels:
|
|
job: syslog
|
|
source: network-devices
|
|
relabel_configs:
|
|
- source_labels: ['__syslog_message_hostname']
|
|
target_label: 'host'
|
|
- source_labels: ['__syslog_message_severity']
|
|
target_label: 'severity'
|
|
- source_labels: ['__syslog_message_facility']
|
|
target_label: 'facility'
|
|
- source_labels: ['__syslog_message_app_name']
|
|
target_label: 'app'
|
|
pipeline_stages:
|
|
- match:
|
|
selector: '{job="syslog"}'
|
|
stages:
|
|
# Extract common patterns from network device logs
|
|
- regex:
|
|
expression: '(?P<src_ip>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})'
|
|
- labels:
|
|
src_ip:
|
|
|
|
# Local system journal (RPi logs)
|
|
- job_name: journal
|
|
journal:
|
|
max_age: 12h
|
|
labels:
|
|
job: systemd-journal
|
|
host: rpi
|
|
relabel_configs:
|
|
- source_labels: ['__journal__systemd_unit']
|
|
target_label: 'unit'
|
|
- source_labels: ['__journal_priority_keyword']
|
|
target_label: 'severity'
|