- remove grafana auth local
- open syslog port
- add promtail config to accept syslog
- add script to generate syslog
elipe17 committed Nov 1, 2024
1 parent ce8df47 commit 0142172
Showing 4 changed files with 70 additions and 2 deletions.
1 change: 1 addition & 0 deletions tdrs-backend/docker-compose.yml
@@ -121,6 +121,7 @@ services:
image: grafana/promtail:3.1.1
ports:
- 9080:9080
- 5514:5514
volumes:
- ./plg/promtail/config.local.yml:/etc/promtail/config.yml
- ~/tdp-logs/nginx:/var/log/nginx
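Review bot: The new `- 5514:5514` mapping publishes the syslog port on every host interface, and the Promtail syslog target added in config.local.yml in this commit accepts plaintext syslog with no authentication visible there, so any machine that can reach the developer's host could write entries into the log pipeline. The generator script in this commit connects to `localhost`, so binding the published port to loopback looks sufficient: `- 127.0.0.1:5514:5514`. The existing `9080:9080` mapping has the same shape and could be treated the same way. The service definition starts and ends outside this hunk.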
2 changes: 1 addition & 1 deletion tdrs-backend/plg/grafana/custom.local.ini
@@ -840,7 +840,7 @@ use_refresh_token = false

#################################### Basic Auth ##########################
[auth.basic]
enabled = true
enabled = false
# This setting will enable a stronger password policy for user's password under basic auth.
# The password will need to comply with the following password policy
# 1. Have a minimum of 12 characters
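Review bot: The `enabled = false` under `[auth.basic]` carries no comment saying why it is off or that it is meant for local use only, while the commit title ("remove grafana auth local") suggests the goal is a local Grafana without a login step. This key only switches off HTTP basic authentication; whether Grafana actually admits users without credentials depends on other sections such as `[auth.anonymous]` and `[auth]`, which are outside this hunk and should be checked against the intent. I would add a line above the key such as `# local development only: basic auth disabled, do not reuse this file for a deployed Grafana`.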
8 changes: 7 additions & 1 deletion tdrs-backend/plg/promtail/config.local.yml
@@ -1,7 +1,7 @@
server:
http_listen_port: 9080
grpc_listen_port: 0
log_level: info
log_level: debug

positions:
filename: /tmp/positions.yaml
@@ -31,3 +31,9 @@ scrape_configs:
labels:
job: nginx
__path__: /var/log/nginx/*log
- job_name: syslog
syslog:
listen_address: 0.0.0.0:5514
idle_timeout: 60s
labels:
job: syslog
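Review bot: The new `syslog` scrape config attaches only the static label `job: syslog`, so the sender's identity is lost once entries are stored: Promtail exposes values such as `__syslog_message_hostname` and `__syslog_message_severity` as internal labels, and they are dropped unless a `relabel_configs` entry copies them to real labels. Adding a `relabel_configs` block under this job that maps `__syslog_message_hostname` to a `host` label would keep each entry attributable to its source. In the first hunk, `log_level: debug` looks like a leftover from debugging this listener; if it is intended for local use, a short comment would say so. `listen_address: 0.0.0.0:5514` is needed inside the container, so the actual exposure is decided by the port mapping in docker-compose.yml.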
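--- a/tdrs-backend/plg/promtail/syslog_gen.py
+++ b/tdrs-backend/plg/promtail/syslog_gen.py
@@ -0,0 +1,61 @@
+#!/usr/bin/env python3
+'''
+Syslog Generator
+Had a need to generate generic syslog messages to
+test open source logging solutions.
+'''
+
+import logging
+from logging.handlers import SysLogHandler
+import socket
+import argparse
+import random
+import sys
+import time
+from syslog_rfc5424_formatter import RFC5424Formatter
+
+logging.socket = socket
+
+"""
+Modify these variables to change the hostname, domainame, and tag
+that show up in the log messages.
+"""
+hostname = "host"
+domain_name = ".example.com"
+tag = ["kernel", "python", "ids", "ips"]
+syslog_level = ["info", "error", "warn", "critical"]
+
+def open_sample_log(sample_log):
+try:
+with open(sample_log, 'r') as sample_log_file:
+random_logs = random.choice(list(sample_log_file))
+return random_logs
+except FileNotFoundError:
+print("[+] ERROR: Please specify valid filename")
+return sys.exit()
+
+def syslogs_sender():
+# Initalize SysLogHandler
+logger = logging.getLogger()
+logger.setLevel(logging.INFO)
+syslog = SysLogHandler(address=('localhost', '5514'), socktype=socket.SOCK_STREAM)
+logger.addHandler(syslog)
+
+random_level = random.choice(syslog_level)
+message = open_sample_log("/var/log/system.log")
+formatter = RFC5424Formatter()
+syslog.setFormatter(formatter)
+getattr(logger, random_level)(message)
+
+logger.removeHandler(syslog)
+syslog.close()
+
+if __name__ == "__main__":
+try:
+while True:
+syslogs_sender()
+# time.sleep(1)
+except KeyboardInterrupt:
+# Use ctrl-c to stop the loop
+print("[+] Stopping syslog generator...")
+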
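Review bot: `syslogs_sender` replays lines from the host's real `/var/log/system.log` into the log pipeline, and the `__main__` loop calls it with `time.sleep(1)` commented out, so each iteration re-reads the whole file and opens a new TCP connection as fast as it can. Real system logs can carry usernames, hostnames and similar data that should not end up in a shared log store, and that path typically exists only on macOS. I would take the sample file and the send interval from the command line (`argparse` and `time` are imported but unused), build the handler once, and pass the port as the integer `5514`. `syslog_rfc5424_formatter` is a third-party import, and no requirements change is visible in this commit.

```python
def syslogs_sender(logger, sample_log):
    random_level = random.choice(syslog_level)
    message = open_sample_log(sample_log)
    getattr(logger, random_level)(message)


if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("sample_log", help="file of synthetic log lines to replay")
    parser.add_argument("--interval", type=float, default=1.0,
                        help="seconds to wait between messages")
    args = parser.parse_args()

    # Build the handler once instead of opening a TCP connection per message.
    logger = logging.getLogger()
    logger.setLevel(logging.INFO)
    syslog = SysLogHandler(address=("localhost", 5514), socktype=socket.SOCK_STREAM)
    syslog.setFormatter(RFC5424Formatter())
    logger.addHandler(syslog)
    try:
        while True:
            syslogs_sender(logger, args.sample_log)
            time.sleep(args.interval)
    except KeyboardInterrupt:
        # Use ctrl-c to stop the loop
        print("[+] Stopping syslog generator...")
    finally:
        logger.removeHandler(syslog)
        syslog.close()
```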