From e94042689dcddf3e95bcc7d961d63fcc520441ba Mon Sep 17 00:00:00 2001
From: makefunstuff <plugatariov@gmail.com>
Date: Fri, 28 Jun 2024 21:01:17 +0300
Subject: logstash

---
 tools/monitoring/Chart.yaml  |  3 +++
 tools/monitoring/values.yaml | 46 ++++++++++++++++++++++++++++----------------
 2 files changed, 32 insertions(+), 17 deletions(-)

(limited to 'tools/monitoring')

diff --git a/tools/monitoring/Chart.yaml b/tools/monitoring/Chart.yaml
index 25877c4..b64fceb 100644
--- a/tools/monitoring/Chart.yaml
+++ b/tools/monitoring/Chart.yaml
@@ -17,4 +17,7 @@ dependencies:
   - name: opentelemetry-collector
     version: 0.96.0
     repository: "https://open-telemetry.github.io/opentelemetry-helm-charts"
+  - name: logstash
+    version: 8.5.1
+    repository: https://helm.elastic.co
 
diff --git a/tools/monitoring/values.yaml b/tools/monitoring/values.yaml
index a19ba65..fb3c6d9 100644
--- a/tools/monitoring/values.yaml
+++ b/tools/monitoring/values.yaml
@@ -25,12 +25,12 @@ grafana:
         - name: Prometheus
           type: prometheus
           access: proxy
-          url: http://prometheus-server.monitoring.svc.cluster.local
+          url: http://prometheus-server
           isDefault: true
         - name: Elasticsearch
           type: elasticsearch
           access: proxy
-          url: http://elasticsearch-master.monitoring.svc.cluster.local:9200
+          url: http://elasticsearch-master
           jsonData:
             esVersion: 7
             timeField: "@timestamp"
@@ -155,15 +155,6 @@ opentelemetry-collector:
         protocols:
           grpc: {}
           http: {}
-      filelog:
-        include: ["/var/log/containers/*.log"]
-        operators:
-          - type: json_parser
-            timestamp:
-              parse_from_field: time
-              layout: '%Y-%m-%dT%H:%M:%S.%fZ'
-            severity:
-              parse_from_field: severity
     processors:
       batch: {}
       resource:
@@ -177,15 +168,36 @@ opentelemetry-collector:
         endpoint: "http://prometheus-server.monitoring.svc.cluster.local/api/v1/write"
       logging:
         loglevel: debug
-      otlphttp:
-        endpoint: "http://elasticsearch-master.monitoring.svc.cluster.local:9200"
     service:
       pipelines:
         metrics:
           receivers: [otlp]
           processors: [batch]
           exporters: [prometheusremotewrite]
-        logs:
-          receivers: [otlp, filelog]
-          processors: [batch, resource]
-          exporters: [logging, otlphttp]
+
+logstash:
+  enabled: true
+  volumeClaimTemplate:
+    accessModes: [ "ReadWriteOnce" ]
+    resources:
+      requests:
+        storage: 10Gi
+  logstashConfig:
+    logstash.yml: |
+      http.host: "0.0.0.0"
+      xpack.monitoring.elasticsearch.hosts: [ "http://elasticsearch-master:9200" ]
+    logstashPipeline:
+      logstash.conf: |
+        input {
+          tcp {
+            port => 5044
+            codec => json
+          }
+        }
+        output {
+          elasticsearch {
+            hosts => ["http://elasticsearch-master:9200"]
+            index => "logstash-%{+YYYY.MM.dd}"
+          }
+        }
+
-- 
cgit 1.4.1-2-gfad0