{
"log-fetchers": {
"loki-fileserver": {
"type": "loki",
"config": {
"url-from-env": "{LOKI_URL}"
}
}
},
"alert-managers": {
"gotify-paris": {
"type": "gotify",
"config": {
"url-from-env": "{GOTIFY_URL}",
"token-from-env": "{GOTIFY_TOKEN}"
}
}
},
"alerting-rules": {
"ssh-outside": {
"check-interval": 30,
"log-fetcher": {
"name": "loki-fileserver",
"filters": {
"labels": {
"container": "openssh-server"
},
"text": "Accepted"
}
},
"filters": [
{
"type": "regexp",
"config": {
"match": "Accepted (?P<method>\\w+) for (?P<username>\\w+) from (?P<ip>[^\\s]+)"
}
},
{
"type": "geolocation",
"config": {
"source-field": "ip"
}
}
],
"alert-manager": {
"name": "gotify-paris",
"title": "Outside SSH login",
"message": "New SSH login for {username} on {instance} from ip {ip} (country: {country}, provider: {isp}, method: {method})"
}
},
"ssh-local": {
"check-interval": 30,
"log-fetcher": {
"name": "loki-fileserver",
"filters": {
"labels": {
"filename": "/var/log/host/auth.log"
},
"text": "Accepted"
}
},
"filters": [
{
"type": "regexp",
"config": {
"match": "Accepted (?P<method>\\w+) for (?P<username>\\w+) from (?P<ip>[^\\s]+)"
}
}
],
"alert-manager": {
"name": "gotify-paris",
"title": "Local SSH login",
"message": "New SSH login for {username} on {instance} from ip {ip} (method: {method})"
}
}
}
} |