mirror of
https://github.com/tomav/docker-mailserver.git
synced 2024-06-30 13:11:15 +02:00
e4bab5b996
* add support to forward logs to ELK stack. * from docker elk customize image with * https://github.com/whyscream/postfix-grok-patterns * custom imput * override syslog filter. * fix typo. * Explicit forwarder vars and messages. * add amavis grok * add dovecot grok * add geoip db * add logstash geoip plugin * add custom amavis grok from @tomav. * switch to filebeats input * refactor syslog filter * add filebeat * add template config * replace rsyslog with filebeat.
27 lines
1.3 KiB
Docker
27 lines
1.3 KiB
Docker
FROM sebp/elk
|
|
|
|
RUN mkdir /etc/logstash/patterns.d
|
|
#postfix grok and filter
|
|
RUN curl -L https://raw.githubusercontent.com/whyscream/postfix-grok-patterns/master/postfix.grok > /etc/logstash/patterns.d/postfix.grok
|
|
RUN curl -L https://raw.githubusercontent.com/whyscream/postfix-grok-patterns/master/50-filter-postfix.conf > /etc/logstash/conf.d/15-filter-postfix.conf
|
|
# custom amavis grok and filter
|
|
ADD amavis.grok /etc/logstash/patterns.d
|
|
RUN curl -L https://raw.githubusercontent.com/ninech/logstash-patterns/master/exmples/50-filter-amavis.conf > /etc/logstash/conf.d/16-filter-amavis.conf
|
|
# dovecot grok and filter
|
|
RUN curl -L https://raw.githubusercontent.com/ninech/logstash-patterns/master/patterns.d/dovecot.grok > /etc/logstash/patterns.d/dovecot.grok
|
|
RUN curl -L https://raw.githubusercontent.com/ninech/logstash-patterns/master/exmples/50-filter-dovecot.conf > /etc/logstash/conf.d/17-filter-dovecot.conf
|
|
# FIXME: may be a cron job?
|
|
RUN mkdir -p /usr/share/GeoIP && \
|
|
curl -L http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz | gunzip -c - > /usr/share/GeoIP/GeoLiteCity.dat
|
|
|
|
WORKDIR ${LOGSTASH_HOME}
|
|
RUN gosu logstash bin/logstash-plugin install --local --no-verify logstash-filter-geoip
|
|
|
|
# override beats input
|
|
ADD 02-beats-input.conf /etc/logstash/conf.d/
|
|
# override syslog
|
|
ADD 10-syslog.conf /etc/logstash/conf.d/
|
|
|
|
|
|
|