Diffstat (limited to 'doc/schemas/logstash/log-courier.conf')
-rw-r--r--doc/schemas/logstash/log-courier.conf56
1 files changed, 56 insertions, 0 deletions
diff --git a/doc/schemas/logstash/log-courier.conf b/doc/schemas/logstash/log-courier.conf
new file mode 100644
index 0000000..20d106f
--- /dev/null
+++ b/doc/schemas/logstash/log-courier.conf
@@ -0,0 +1,56 @@
+# Example log-courier configuration file for RADIUS detail files.
+#
+# This has been tested with log-courier version 2.0.4
+#
+{
+ "general": {
+ "persist directory": "/var/lib/log-courier",
+ "log syslog": true,
+ "log stdout": false
+ },
+
+ "network": {
+ "transport": "tcp",
+
+ # Servers to connect to.
+ #
+ "servers": [
+ "logstash1.example:5140",
+ "logstash2.example:5140"
+ ]
+ },
+
+ "files": [
+ {
+ # Match RADIUS detail files, but not anything that has
+ # been gzipped.
+ #
+ "paths": [ "/var/log/radius/radacct/*/detail-????????" ],
+
+ # Add a type:"radiusdetail" field to the data so that
+ # logstash can tell what type of data this is (in case
+ # log-courier is being used for other data as well).
+ #
+ "fields": {
+ "type": "radiusdetail"
+ },
+
+ # Stop watching a file if nothing has been written in 12h.
+ #
+ "dead time": "12h",
+
+ # Process multilines. If this is being used then the
+ # "multiline" section should be commented out from the
+ # logstash configuration. Logstash can then also be run
+ # with multiple workers (using -w).
+ #
+ "codecs": [
+ {
+ "name": "multiline",
+ "patterns": [ "^[A-Z\t]" ],
+ "what": "next"
+ }
+ ]
+ }
+ ]
+}
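Review bot: The `"transport": "tcp"` setting in the "network" section sends the RADIUS detail records to the logstash servers unencrypted and without authenticating the server. Detail files typically carry subscriber identifiers such as user names, station IDs and assigned addresses. Because this is an example that will be copied into production, I would make the protected form the default: `"transport": "tls"` together with `"ssl ca": "/path/to/ca.pem"` (placeholder path), leaving tcp as a commented-out alternative. At minimum, add a comment above the line such as `# "tcp" is plaintext; use it only on a trusted management network, otherwise use "tls".` The logstash input needs a matching TLS configuration, which is not part of this file.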