{{ ansible_header | comment }}
# Line format shared by the firewall log actions in this file. Each message is
# rendered as one JSON object with three fields: the report time in RFC 3339
# form as "@timestamp", the message's hostname as "host", and the message text
# as "message". format="jsonf" has rsyslog emit each property as a JSON field.
template(name="logall" type="list" option.jsonf="on") {
    property(outname="@timestamp" name="timereported" dateFormat="rfc3339" format="jsonf")
    property(outname="host"       name="hostname"     format="jsonf")
    property(outname="message"    name="msg"          format="jsonf")
}
# omprog hands each selected message to an external program; the
# action(type="omprog") rules in this file depend on it being loaded.
module(load="omprog")
# Kernel-facility (0) messages whose text contains LOG_ALL_PREROUTING.
# Each one is rendered with the "logall" template and delivered twice: piped
# to logs_to_json.py through omprog, and written unchanged to a plain file.
# "stop" then ends processing, so the message never reaches later rules such
# as the legacy LOG_ALL catch-all.
#
# NOTE(review): rsyslogd launches the script itself, so the script and every
# directory on its path should be writable by root only; anything looser under
# /usr/local/src lets a local account change what runs in rsyslogd's context.
# NOTE(review): output= captures what the program prints. With confirmMessages
# left at its default, the program's stderr lands in the same file, so a Python
# traceback would sit between the JSON lines; confirm consumers tolerate that.
# NOTE(review): the filter tests facility and message text only. If this host
# also accepts syslog from the network, both are sender-controlled; consider
# additionally matching the input or source. TODO confirm enabled inputs.
if ($syslogfacility == '0' and $msg contains 'LOG_ALL_PREROUTING') then {
    action(
        type="omprog"
        binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py"
        template="logall"
        output="/var/log/firewall/logall.prerouting.json.log"
    )
    action(
        type="omfile"
        file="/var/log/firewall/logall.prerouting.log"
        template="logall"
    )
    stop
}
# Kernel-facility (0) messages whose text contains LOG_ALL_ADH.
# Same handling as the other LOG_ALL_* rules: render with "logall", pipe to
# logs_to_json.py through omprog, keep an unconverted copy with omfile, then
# "stop" so no later rule sees the message.
#
# NOTE(review): the script is started by rsyslogd; keep it and its parent
# directories writable by root only.
# NOTE(review): output= receives whatever the program prints, which by default
# includes its stderr, so error text can end up mixed into the JSON file.
if ($syslogfacility == '0' and $msg contains 'LOG_ALL_ADH') then {
    action(
        type="omprog"
        binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py"
        template="logall"
        output="/var/log/firewall/logall.adh.json.log"
    )
    action(
        type="omfile"
        file="/var/log/firewall/logall.adh.log"
        template="logall"
    )
    stop
}
# Kernel-facility (0) messages whose text contains LOG_ALL_SRV.
# Same handling as the other LOG_ALL_* rules: render with "logall", pipe to
# logs_to_json.py through omprog, keep an unconverted copy with omfile, then
# "stop" so no later rule sees the message.
#
# NOTE(review): the script is started by rsyslogd; keep it and its parent
# directories writable by root only.
# NOTE(review): output= receives whatever the program prints, which by default
# includes its stderr, so error text can end up mixed into the JSON file.
if ($syslogfacility == '0' and $msg contains 'LOG_ALL_SRV') then {
    action(
        type="omprog"
        binary="/usr/bin/python3 /usr/local/src/scripts/firewall/logs_to_json.py"
        template="logall"
        output="/var/log/firewall/logall.srv.json.log"
    )
    action(
        type="omfile"
        file="/var/log/firewall/logall.srv.log"
        template="logall"
    )
    stop
}
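# Legacy LOG_ALL: any kernel-facility (0) message containing 'LOG_ALL' that was
# not already claimed by a more specific LOG_ALL_* rule (those end with "stop")
# is written to one file and then discarded. No template is named here, so the
# file gets rsyslog's default file format rather than the "logall" JSON layout.
if $syslogfacility == '0' and $msg contains 'LOG_ALL' then /var/log/firewall/logall.log
# "& stop" replaces the deprecated "& ~" discard and matches the "stop" used by
# the other rules in this file.
& stop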