From f3679bd834d7f9ee2c8d90c6e4d63e449be4c708 Mon Sep 17 00:00:00 2001
From: marius <marius@noreply.localhost>
Date: Sat, 6 May 2023 10:35:04 +0000
Subject: [PATCH] lab config for zincobserve

---
 fluentd/loglab.zincobserve.conf | 58 +++++++++++++++++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 fluentd/loglab.zincobserve.conf

diff --git a/fluentd/loglab.zincobserve.conf b/fluentd/loglab.zincobserve.conf
new file mode 100644
index 0000000..8650531
--- /dev/null
+++ b/fluentd/loglab.zincobserve.conf
@@ -0,0 +1,58 @@
+<source>
+  @type tail
+  path /var/log/remote/**/*.log
+  pos_file /var/log/remote/teleport_log.pos
+  tag teleport.log
+  read_from_head true
+  <parse>
+    @type json
+  </parse>
+</source>
+
+<source>
+  @type udp
+  tag rsyslog.udp
+  port 33333
+  bind 0.0.0.0
+  format json
+</source>
+
+<match teleport.log>
+   @type http
+  endpoint http://192.168.1.113:5080/api/default/default/_json
+  content_type json
+  json_array true
+  <auth>
+    method basic
+    username 
+    password 
+  </auth>
+  <buffer>
+    @type memory
+    flush_mode interval
+    flush_interval 10s
+    flush_thread_count 2
+    chunk_limit_size 2m
+    queue_limit_length 8
+  </buffer>
+</match>
+
+<match rsyslog.udp>
+   @type http
+  endpoint http://192.168.1.113:5080/api/default/default/_json
+  content_type json
+  json_array true
+  <auth>
+    method basic
+    username 
+    password 
+  </auth>
+  <buffer>
+    @type memory
+    flush_mode interval
+    flush_interval 10s
+    flush_thread_count 2
+    chunk_limit_size 2m
+    queue_limit_length 8
+  </buffer>
+</match>
\ No newline at end of file