quick and dirty rsyslog target in a docker container
Created
July 22, 2019 17:14
-
-
Save makuk66/73ec02e4bc1e3c138b4ab615ab49f2ce to your computer and use it in GitHub Desktop.
rsyslog
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| services: | |
| logserver: | |
| build: . | |
| ports: | |
| - "5000:514/udp" | |
| - "5000:514/tcp" | |
| volumes: | |
| - logs:/var/syslog/hosts | |
| volumes: | |
| logs: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu | |
| RUN echo "deb http://us.archive.ubuntu.com/ubuntu/ precise main universe" >> /etc/apt/source.list | |
| RUN apt-get update | |
| RUN apt-get -y install rsyslog | |
| ADD ./rsyslog.conf /etc/rsyslog.conf | |
| ENTRYPOINT ["/usr/sbin/rsyslogd", "-n"] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # provides UDP syslog reception | |
| module(load="imudp") | |
| input(type="imudp" port="514") | |
| # provides TCP syslog reception | |
| module(load="imtcp") | |
| input(type="imtcp" port="514") | |
| ########################### | |
| #### GLOBAL DIRECTIVES #### | |
| ########################### | |
| # | |
| # Use traditional timestamp format. | |
| # To enable high precision timestamps, comment out the following line. | |
| # | |
| $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat | |
| # Filter duplicated messages | |
| $RepeatedMsgReduction on | |
| # | |
| # Set the default permissions for all log files. | |
| # | |
| $FileOwner syslog | |
| $FileGroup adm | |
| $FileCreateMode 0640 | |
| $DirCreateMode 0755 | |
| $Umask 0022 | |
| # | |
| # Where to place spool and state files | |
| # | |
| $WorkDirectory /var/spool/rsyslog | |
| # log every host in its own directory | |
| $template RemoteHost,"/var/syslog/hosts/%HOSTNAME%/%$YEAR%/%$MONTH%/%$DAY%/syslog.log" | |
| *.* ?RemoteHost |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| docker-compose build | |
| docker-compose up --force-recreate |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment