{{ ansible_header | comment }}
template(name="logall" type="list" option.jsonf="on"){
	property(outname="@timestamp" name="timereported" dateFormat="rfc3339" format="jsonf")
	property(outname="host" name="hostname" format="jsonf")
	property(outname="message" name="msg" format="jsonf")
}

module(load="omprog")

if ($syslogfacility == '0' and $msg contains 'LOG_ALL_PREROUTING')
then {
	action(type="omprog"
		binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py"
		template="logall"
		output="/var/log/firewall/logall.prerouting.json.log")
	action(type="omfile" file="/var/log/firewall/logall.prerouting.log" template="logall")
	stop
}

if ($syslogfacility == '0' and $msg contains 'LOG_ALL_ADH')
then {
	action(type="omprog"
		binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py"
		template="logall"
		output="/var/log/firewall/logall.adh.json.log")
	action(type="omfile" file="/var/log/firewall/logall.adh.log" template="logall")
	stop
}

if ($syslogfacility == '0' and $msg contains 'LOG_ALL_SRV')
then {
	action(type="omprog"
		binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py"
		template="logall"
		output="/var/log/firewall/logall.srv.json.log")
	action(type="omfile" file="/var/log/firewall/logall.srv.log" template="logall")
	stop
}

# Legacy LOG_ALL
if $syslogfacility == '0' and $msg contains 'LOG_ALL' then /var/log/firewall/logall.log
&   ~