enable log4j and syslog logging in ElasticStack
Change-Id: I68be2986515df5f64aad7906995689a661dd0425
diff --git a/Vagrantfile b/Vagrantfile
index 1ce337e..d4d4735 100644
--- a/Vagrantfile
+++ b/Vagrantfile
@@ -19,6 +19,8 @@
d.vm.network :forwarded_port, guest: 80, host: 9080, host_ip: '*'
d.vm.network :forwarded_port, guest: 9200, host: 9200, host_ip: '*'
d.vm.network :forwarded_port, guest: 5617, host: 5617, host_ip: '*', protocol: "udp"
+ d.vm.network :forwarded_port, guest: 2514, host: 2514, host_ip: '*'
+ d.vm.network :forwarded_port, guest: 4560, host: 4560, host_ip: '*'
d.vm.hostname = "elastic"
d.vm.network "private_network", ip: "10.100.198.222"
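Review bot: The two added forwards for 2514 and 4560 use `host_ip: '*'`, so the new syslog and log4j listeners are reachable from every network the host is attached to, and neither input config in this commit sets authentication or a source restriction. The log4j input in particular reads serialized Java logging events off the socket, which should not be accepted from arbitrary peers. Unless remote senders are required, bind the forwards to loopback, e.g. `d.vm.network :forwarded_port, guest: 4560, host: 4560, host_ip: '127.0.0.1'`, and add a comment naming the expected sender for each port. The enclosing VM definition starts and ends outside the hunk.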
diff --git a/ansible/roles/install_elk/files/11-log4j-input.conf b/ansible/roles/install_elk/files/11-log4j-input.conf
new file mode 100644
index 0000000..2d11577
--- /dev/null
+++ b/ansible/roles/install_elk/files/11-log4j-input.conf
@@ -0,0 +1,15 @@
+input {
+ log4j {
+ port => 4560
+ type => "log4j"
+ }
+}
+
+filter {
+ mutate {
+ rename => {"priority" => "level"}
+ rename => {"bundle.id" => "bundle_id"}
+ rename => {"bundle.name" => "bundle_name"}
+ rename => {"bundle.version" => "bundle_version"}
+ }
+}
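Review bot: The `mutate` block in `filter` is unconditional, and Logstash merges every file in conf.d into one pipeline, so these renames also run on events from the UDP input and the new syslog input. The syslog input sets its own `priority` field (the numeric PRI value), which this filter would rename to `level` and mix with log4j level names in the same index field. Scope the filter to this input by wrapping the block in `if [type] == "log4j" { ... }`. A comment above the input noting that it listens on all interfaces by default (no `host` is set) would also help the next reader.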
diff --git a/ansible/roles/install_elk/files/12-syslog-input.conf b/ansible/roles/install_elk/files/12-syslog-input.conf
new file mode 100644
index 0000000..d2331a8
--- /dev/null
+++ b/ansible/roles/install_elk/files/12-syslog-input.conf
@@ -0,0 +1,6 @@
+input {
+ syslog {
+ port => 2514
+ type => "syslog"
+ }
+}
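Review bot: The syslog input listens on both TCP and UDP at `port => 2514`, but the Vagrantfile hunk in this commit forwards 2514 without `protocol: "udp"`, so only TCP syslog reaches the guest through the forward. Senders using the common UDP transport will appear to work while their messages are dropped at the host. Either add a second forward, `d.vm.network :forwarded_port, guest: 2514, host: 2514, host_ip: '*', protocol: "udp"`, or add a comment here such as `# reachable over TCP only via the Vagrant port forward`. With no `host` set the listener binds to all guest interfaces, which is worth stating in the same comment.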
diff --git a/ansible/roles/install_elk/tasks/main.yml b/ansible/roles/install_elk/tasks/main.yml
index c807425..6948316 100644
--- a/ansible/roles/install_elk/tasks/main.yml
+++ b/ansible/roles/install_elk/tasks/main.yml
@@ -1,54 +1,32 @@
-- name: Add ELK repositories
- apt_repository: repo={{ item }} state="present"
- with_items:
- - deb http://packages.elastic.co/elasticsearch/2.x/debian stable main
- - deb http://packages.elastic.co/kibana/4.4/debian stable main
- - deb http://packages.elastic.co/logstash/2.2/debian stable main
-
-- name: Install ELK
- apt: name={{ item }} state=installed update_cache=yes force=yes
- with_items:
- - elasticsearch
- - kibana
- - logstash
-
-- name: Configure Logstash
- copy: src={{ item }} dest=/etc/logstash/conf.d/{{ item }} owner=root group=root mode=0644
- with_items:
- - 10-udp-input.conf
- - 30-elasticsearch-output.conf
-
-- name: Start ELK
- service: name={{ item }} state=started enabled=yes
- with_items:
- - logstash
- - elasticsearch
- - kibana
+---
+# install_elk/tasks/main.yml
- name: Add ELK repositories
apt_repository: repo={{ item }} state="present"
with_items:
- - deb http://packages.elastic.co/elasticsearch/2.x/debian stable main
- - deb http://packages.elastic.co/kibana/4.4/debian stable main
- - deb http://packages.elastic.co/logstash/2.2/debian stable main
+ - deb http://packages.elastic.co/elasticsearch/2.x/debian stable main
+ - deb http://packages.elastic.co/kibana/4.4/debian stable main
+ - deb http://packages.elastic.co/logstash/2.2/debian stable main
- name: Install ELK
apt: name={{ item }} state=installed update_cache=yes force=yes
with_items:
- - elasticsearch
- - kibana
- - logstash
+ - elasticsearch
+ - kibana
+ - logstash
- name: Configure Logstash
copy: src={{ item }} dest=/etc/logstash/conf.d/{{ item }} owner=root group=root mode=0644
with_items:
- - 10-udp-input.conf
- - 30-elasticsearch-output.conf
+ - 10-udp-input.conf
+ - 11-log4j-input.conf
+ - 12-syslog-input.conf
+ - 30-elasticsearch-output.conf
- name: Start ELK
service: name={{ item }} state=started enabled=yes
with_items:
- - logstash
- - elasticsearch
- - kibana
+ - logstash
+ - elasticsearch
+ - kibana
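Review bot: The rewritten `Install ELK` task keeps `force=yes` and the repositories are added over plain `http://` with no signing-key task visible in this file, so apt will install Elasticsearch, Kibana and Logstash without verifying package authenticity. Add an `apt_key` task for the vendor signing key before `Add ELK repositories` and drop the override: `apt: name={{ item }} state=installed update_cache=yes`. Separately, `Configure Logstash` now copies two more files but `Start ELK` only ensures `state=started`, so on a re-provision of a running box the new inputs are not loaded; a `notify:` to a Logstash restart handler on the copy task would cover that.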