version: v1
removes:
- /etc/rsyslog.conf
- /etc/rsyslog.d/*.conf
templates:
- input: /config/templates/rsyslog/rsyslog.conf
output: /etc/rsyslog.conf
- input: /config/templates/rsyslog/outputs.conf.erb
output: /etc/rsyslog.d/05-outputs.conf
- input: /config/templates/rsyslog/drain.conf.erb
output: /etc/rsyslog.d/10-drain.conf
- input: /config/templates/identity/cacerts.pem.erb
output: /dev/shm/identity/ca/cacerts.pem
- input: /config/templates/identity/client.pem.erb
output: /dev/shm/identity/client/certificates/client.pem
- input: /config/templates/identity/client-key.pem.erb
output: /dev/shm/identity/client/keys/client-key.pem
- input: /config/templates/auth/htpasswd.erb
output: /dev/shm/auth/htpasswd
- input: /config/templates/rsyslog/syslog.conf.erb
output: /etc/rsyslog.d/10-syslog.conf
data:
_pki:
cacert: /dev/shm/identity/ca/cacerts.pem
client:
cert: /dev/shm/identity/client/certificates/client.pem
key: /dev/shm/identity/client/keys/client-key.pem
_funnel:
host: ajna-api.salesforce.com
port: 443
scheme: https
metrics_request_timeout_ms: 3000
dnr_request_timeout_ms: 3000
request_resume_interval_secs: 1
request_resume_interval_max_secs: 30
_funnel_logs:
host: funnel.funnelapi.foundation.aws-prod1-useast1.aws.sfdc.cl
port: 443
scheme: https
api: data
# Set restpath, content_type, batch_format based on `api` setting
rest_path: v1/data/namespaces/sfdc.prod.scrt2.logs/topics/logs.ext
http_content_type: application/vnd.kafka.v1+json
batch_format: kafkarest
heroku:
app_name: "sfdc-lm-gs0-vir-00-sh-drain"
app_id: "801de98f-6e38-431a-83fb-5319070909f5"
short_region: "vir"
dyno: "web.1"
release_version: "v51"
log_drain:
# Build metadata.
version: "v0.0.9"
build: "33381b4a2a446016e5d3829768e1b4c6fd12b9a3"
# Enable debug mode.
debug: true
# Publish logs to Funnel.
publish_logs: true
# Publish enabled metrics to Funnel.
publish_metrics: true
# Parse Heroku dyno runtime-metrics and addon log-based metrics.
runtime_metrics: true
# Parse Heroku router logs into metrics.
router_metrics: true
# Enable internal self-metrics.
self_metrics: true
# Serving port.
port: 40736
# Basic Authentication.
basic_auth_file: /dev/shm/auth/htpasswd
# Set base environment for this drain
environment: "gs0"
# Set base cloud value for this drain
cloud: "digitalengagement"
# Set base cloud value for this drain
business_unit: Heroku
# UUID for this Drain.
uuid: 801de98f-6e38-431a-83fb-5319070909f5
disable_flow_control: false
# Impstats reporting interval.
stats_interval_seconds: 60
# Main ruleset queue sizes.
input_queue_size: 750000
# output queue sizes.
output_queue_size: 500000
# enable disk assisted queue
queue_filename: rs_drain_queue
queue_spool_directory: /tmp
queue_max_file_size: 500m
# workers > 1 does not appear to have any appreciable effect.
logs_batch_worker_threads: 1
# Use system default
logs_input_batch_size: 6000
logs_output_min_batch_size: 0
logs_batch_size: 1024
logs_use_sender_thread: true
logs_sender_max_connections: 4
# Buffer up to 10MB by default. Funnel accepts up to 25MB batches.
logs_batch_max_bytes: 10000000
# Use defaults for timeout values, which work well queues are slowed down
logs_batch_timeout_ms: 1000
# The "http_*" fields correspond to imhttp/civetweb HTTP options.
# Reference https://github.com/civetweb/civetweb/blob/master/docs/UserManual.md
# Heroku router logs access requests too, no need to log twice.
http_access_log_file: /dev/null
http_error_log_file: /dev/stderr
http_num_threads: 50
http_listen_backlog: 32
http_connection_queue: 16
# Document root used to serve received logs for testing abd debugging.
http_document_root: /www/data
# DNR (Detection n' Response) filtering.
filter_dnr_logs: true
filter_dnr_logs_expression: $msg contains "JWT" or $msg contains "issuer:" or $msg contains "SalesforceBearerAuthTokenHandler"
# In proxy mode, allow nginx to log locally.
syslog_udp_port: 10514