monitoring/templates/aggregator/vector.yml


# Vector aggregator configuration (template).
# The `[[ ... ]]` directives are evaluated when the template is rendered, before
# Vector parses the result as YAML.
# NOTE(review): the `{{{ env ... }}}` form below looks like a second templating
# pass with custom delimiters, which would leave Vector's own `{{ field }}`
# label templates untouched - confirm against the job definition.
data_dir: /local
expire_metrics_secs: 600

sources:
  # Events forwarded by other Vector instances; bound to loopback only.
  logs_vector:
    type: vector
    address: 127.0.0.1:9000
  # Vector's own internal metrics, consumed by the prometheus sink below.
  vector_metrics:
    type: internal_metrics
[[- if .syslog_udp.enabled ]]
  # Syslog over UDP on every interface. UDP syslog has no authentication and
  # the sender address can be spoofed, so restrict who can reach this port at
  # the network layer and treat fields such as .appname as untrusted input.
  logs_syslog_udp:
    type: syslog
    mode: udp
    address: 0.0.0.0:{{{ env "NOMAD_ALLOC_PORT_syslog_udp" }}}
[[- end ]]
[[- if .fluentd.enabled ]]
  # Fluentd forward protocol, loopback only.
  logs_fluentd:
    type: fluent
    address: 127.0.0.1:24224
[[- end ]]

transforms:
  # Fan out every `logs_*` source by origin. Events matching no route leave on
  # the `_unmatched` output, which the loki sink consumes directly.
  split-by-app:
    type: route
    inputs:
      - "logs_*"
    route:
      traefik: '.service == "traefik"'
      postgres: '.service == "postgres"'
      syslog: '.source_type == "syslog"'

  # Parse Traefik access logs (common log format) and promote the HTTP method,
  # status and authenticated user to Loki labels.
  # `parse_grok!` is the error-aborting form: a line that does not match aborts
  # the program for that event.
  # NOTE(review): `.http.auth` comes from the request log and is influenced by
  # the client. Every distinct value becomes a separate Loki stream, so an
  # unbounded set of user names inflates label cardinality - consider keeping
  # it as a log field instead of a label.
  parse-traefik:
    type: remap
    inputs:
      - "split-by-app.traefik"
    source: |
      .http = parse_grok!(.message, "%{HTTPD_COMMONLOG}")
      .loki_labels.http_method = .http.verb
      .loki_labels.http_status = .http.response
      .loki_labels.user = .http.auth

  # Label PostgreSQL logs with the instance role taken from the Nomad service
  # tags. `array!` aborts the program when `.nomad.tags` is not an array.
  # Events carrying neither tag get no `pg_role` label.
  parse-postgres:
    type: remap
    inputs:
      - "split-by-app.postgres"
    source: |
      if includes(array!(.nomad.tags), "master"){
        .loki_labels.pg_role = "master"
      } else if includes(array!(.nomad.tags), "replica"){
        .loki_labels.pg_role = "replica"
      }

  # Normalise the syslog appname and use it as the service name.
  # `.service` ends up as the Loki `job` label, so its value is whatever the
  # syslog sender put in the appname field.
  parse-syslog:
    type: remap
    inputs:
      - "split-by-app.syslog"
    source: |
      # PfSense sends /usr/sbin/cron as the appname, instead of cron
      if string!(.appname) == "/usr/sbin/cron" {
        .appname = "cron"
      }
      .service = .appname

sinks:
  # Ship parsed and unmatched events to Loki over plain HTTP on loopback.
  loki:
    type: loki
    inputs:
      - "split-by-app._unmatched"
      - "parse-*"
    endpoint: http://127.0.0.1:3100
    encoding:
      codec: text
    labels:
      job: "{{ .service }}"
      host: "{{ .host }}"
      # Wildcard key: presumably expands each key of .loki_labels into its own
      # label prefixed with `_` - confirm against the Vector version in use.
      _*: "{{ .loki_labels }}"
    # On-disk buffer under data_dir.
    # NOTE(review): 268435488 bytes looks like Vector's minimum disk buffer
    # size - confirm before lowering it.
    buffer:
      type: disk
      max_size: 268435488
    remove_label_fields: true

  # Expose vector internal metrics
  # The exporter listens on every interface, protected by TLS.
  # NOTE(review): with verify_certificate enabled on a listener, clients are
  # expected to present a certificate issued by ca_file (mutual TLS) - confirm.
  # crt_file and key_file point at the same PEM bundle, so that file contains
  # the private key and must stay readable by the Vector process only.
  prometheus:
    type: prometheus_exporter
    inputs:
      - "vector_metrics"
    address: 0.0.0.0:${NOMAD_ALLOC_PORT_metrics}
    tls:
      enabled: true
      crt_file: /secrets/metrics.bundle.pem
      key_file: /secrets/metrics.bundle.pem
      ca_file: /local/monitoring.ca.pem
      verify_certificate: true