lanakod/suricata-grafana-docker
1
0
Fork 0
mirror of https://github.com/Lanakod-Networks/suricata-grafana-docker.git synced 2025-07-04 05:16:39 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity
master
suricata-grafana-docker/promtail-config.yml
Maxim Malakhov eb27dcece2
first commit
2024-11-22 21:50:29 +03:00

44 lines
1.1 KiB
YAML
Raw Permalink Blame History

server:
http_listen_port: 9080
grpc_listen_port: 0
# Log only messages with the given severity or above. Supported values [debug,
# info, warn, error]
# log_level: debug
positions:
filename: /tmp/positions.yaml
clients:
- url: http://loki:3100/loki/api/v1/push
scrape_configs:
- job_name: suricata
# json on eve.json
pipeline_stages:
- json:
expressions:
event_type: event_type
src_ip: src_ip
proto: proto
dest_port: dest_port
alert:
- json:
expressions:
action: action
signature_id: signature_id
signature: signature
category: category
severity: severity
source: alert
- labels:
event_type:
src_ip:
proto:
dest_port:
signature_id:
signature:
category:
severity:
static_configs:
- targets:
- localhost
labels:
job: suricata_logs
__path__: /var/log/eve.json
Reference in New Issue View Git Blame Copy Permalink