Skip to content

Commit

Permalink
Merge pull request #16 from SEKOIA-IO/add_local_timestamp
Browse files Browse the repository at this point in the history
Add local timestamp in rsyslog header instead of received timestamp
  • Loading branch information
rombernier authored Nov 17, 2023
2 parents 5ad21d8 + bb2c7da commit f6801c0
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 4 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/build-docker-image.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,4 +32,4 @@ jobs:
push: true
tags: |
ghcr.io/sekoia-io/sekoiaio-docker-concentrator:latest
ghcr.io/sekoia-io/sekoiaio-docker-concentrator:2.0
ghcr.io/sekoia-io/sekoiaio-docker-concentrator:2.1
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

All notable changes with sekoiaio concentrator will be documented in this file.

## [2.1]

- Add local timestamp in rsyslog header instead of received timestamp

## [2.0]

- Manage syslog RFC 3164 (only 5424 in 1.0 version)
Expand Down
2 changes: 1 addition & 1 deletion docker-compose/docker-compose.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
version: "3.9"
services:
rsyslog:
image: ghcr.io/sekoia-io/sekoiaio-docker-concentrator:2.0
image: ghcr.io/sekoia-io/sekoiaio-docker-concentrator:2.1
environment:
- MEMORY_MESSAGES=2000000
- DISK_SPACE=180g
Expand Down
4 changes: 2 additions & 2 deletions template.j2
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@ input(type="im{{ protocol | lower }}" port="{{ port }}" ruleset="remote{{ port }

{% if debug %}
template(name="SEKOIAIO_{{ name |lower }}_Input_Template" type="string" string="[Input \"{{ intake_key }}\"] %rawmsg%\n")
template(name="SEKOIAIO_{{ name |lower }}_Output_Template" type="string" string="[Output \"{{ intake_key }}\"] <%pri%>1 %timestamp:::date-rfc3339% %hostname% %app-name% %procid% LOG [SEKOIA@53288 intake_key=\"{{ intake_key }}\"] %msg:R,ERE,1,FIELD:^[ \t]*(.*)$--end%\n")
template(name="SEKOIAIO_{{ name |lower }}_Output_Template" type="string" string="[Output \"{{ intake_key }}\"] <%pri%>1 %timegenerated:::date-rfc3339% %hostname% %app-name% %procid% LOG [SEKOIA@53288 intake_key=\"{{ intake_key }}\"] %msg:R,ERE,1,FIELD:^[ \t]*(.*)$--end%\n")
{% endif %}
template(name="SEKOIAIO_{{ name |lower }}_Template" type="string" string="<%pri%>1 %timestamp:::date-rfc3339% %hostname% %app-name% %procid% LOG [SEKOIA@53288 intake_key=\"{{ intake_key }}\"] %msg:R,ERE,1,FIELD:^[ \t]*(.*)$--end%\n")
template(name="SEKOIAIO_{{ name |lower }}_Template" type="string" string="<%pri%>1 %timegenerated:::date-rfc3339% %hostname% %app-name% %procid% LOG [SEKOIA@53288 intake_key=\"{{ intake_key }}\"] %msg:R,ERE,1,FIELD:^[ \t]*(.*)$--end%\n")
ruleset(name="remote{{ port }}"){
action(
type="omfwd"
Expand Down

0 comments on commit f6801c0

Please sign in to comment.