opengnsys
/
oglog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit

pull/3/head
Nicolas Arenas 2025-07-11 11:07:43 +02:00
parent 00dec46c6e
commit 261c382808
66 changed files with 75285 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
debian/.debhelper/generated/oglog/dh_installchangelogs.dch.trimmed vendored Normal file
View File

@ -0,0 +1,6 @@
oglog (0.0.1-1) UNRELEASED; urgency=low
* Initial release. Closes: #nnnn
<nnnn is the bug number of your ITP>
-- Nicolas Arenas <narenas@qindel.com> Mon, 07 Jul 2025 11:17:41 +0000

1
debian/.debhelper/generated/oglog/installed-by-dh_install vendored Normal file
View File

@ -0,0 +1 @@
./etc

0
debian/.debhelper/generated/oglog/installed-by-dh_installdocs vendored Normal file
View File

8
debian/README.Debian vendored Normal file
View File

@ -0,0 +1,8 @@
oglog for Debian
Please edit this to provide information specific to
this oglog Debian package.
(Automatically generated by debmake Version 4.4.0)
-- vagrant <> Mon, 07 Jul 2025 11:17:41 +0000

6
debian/changelog vendored Normal file
View File

@ -0,0 +1,6 @@
oglog (0.0.1-1) UNRELEASED; urgency=low
* Initial release. Closes: #nnnn
<nnnn is the bug number of your ITP>
-- Nicolas Arenas <narenas@qindel.com> Mon, 07 Jul 2025 11:17:41 +0000

18
debian/control vendored Normal file
View File

@ -0,0 +1,18 @@
Source: oglog
Section: unknown
Priority: optional
Maintainer: Nicolas Arenas <narenas@qindel.com>
Build-Depends: debhelper-compat (= 13)
Standards-Version: 4.6.1
Homepage: https://opengnsys.es
Rules-Requires-Root: no
#Vcs-Git: https://salsa.debian.org/debian/oglog.git
#Vcs-Browser: https://salsa.debian.org/debian/oglog
Package: oglog
Architecture: any
Multi-Arch: foreign
Depends: ${misc:Depends}, ${shlibs:Depends}, debconf (>= 0.5) | debconf-2.0 , opensearch , opensearch-dashboards , grafana, systemd-journal-remote, prometheus, journalbeat
Description: auto-generated package by debmake
This Debian binary package was auto-generated by the
debmake(1) command provided by the debmake package.

51
debian/copyright vendored Normal file
View File

@ -0,0 +1,51 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: oglog
Upstream-Contact: <preferred name and address to reach the upstream project>
Source: <url://example.com>
#
# Please double check copyright with the licensecheck(1) command.
Files: .env
README.md
etc/filebeat/filebeat.yml
etc/grafana/grafana.ini
etc/grafana/provisioning/alerting/alerts.yaml
etc/grafana/provisioning/alerting/contactpoint.yaml
etc/grafana/provisioning/dashboards/dashboard.yaml
etc/grafana/provisioning/datasources/opensearch.yaml
etc/grafana/provisioning/datasources/prometheus.yaml
etc/grafana/resources/alerts/alert-rules.json
etc/grafana/resources/dashboards/.json
etc/grafana/resources/dashboards/Estado_actual_de_los_clientes.json
etc/grafana/resources/dashboards/Node_Exporter_Full.json
etc/grafana/resources/dashboards/Peticiones_nginx.json
etc/grafana/resources/dashboards/Traceo_y_comandos.json
etc/grafana/resources/dashboards/Uso_de_IPs_de_subred.json
etc/grafana/resources/dashboards/null.json
etc/grafana/resources/datasources/datasources.json
etc/journalbeat/journalbeat.yml
etc/opensearch-dashboards/opensearch_dashboards.yml
etc/opensearch-dashboards/saved_searches.ndjson
etc/opensearch/opensearch.yml
etc/opensearch/pipelines.json
etc/prometheus/prometheus.yml
etc/prometheus/web-config.yml
poc/Vagrantfile
poc/mkcerts.sh
script/Documentación script OgLog.md
script/agent.sh
script/export_grafana.sh
script/import_grafana.sh
script/journal-upload.sh
script/mkcerts.sh
script/oglog_installer.sh
script/pipeline-bulk.sh
script/pipeline-individual.sh
script/pipeline.sh
script/setup_grafana_token.sh
Copyright: __NO_COPYRIGHT_NOR_LICENSE__
License: __NO_COPYRIGHT_NOR_LICENSE__
#----------------------------------------------------------------------------
# Files marked as NO_LICENSE_TEXT_FOUND may be covered by the following
# license/copyright files.

1
debian/debhelper-build-stamp vendored Normal file
View File

@ -0,0 +1 @@
oglog

2
debian/files vendored Normal file
View File

@ -0,0 +1,2 @@
oglog_0.0.1-1_amd64.buildinfo unknown optional
oglog_0.0.1-1_amd64.deb unknown optional

12
debian/oglog.config vendored Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
. /usr/share/debconf/confmodule
# Mostrar las preguntas al usuario en orden deseado
db_input high opengnsys/oglog_opensearchInitialPassword || true
db_input high opengnsys/oglog_ogCoreIp || true
db_input high opengnsys/oglog_ogLogIp || true
db_input high opengnsys/oglog_subdomain || true
db_input high opengnsys/oglog_certificateAltNames || true
# Lanzar el diálogo con el usuario
db_go

2
debian/oglog.dirs vendored Normal file
View File

@ -0,0 +1,2 @@
/opt/opengnsys/oglog/
/var/log/journal/remote

1
debian/oglog.install vendored Normal file
View File

@ -0,0 +1 @@
etc /opt/opengnsys/oglog/

299
debian/oglog.postinst vendored Executable file
View File

@ -0,0 +1,299 @@
#!/bin/bash
set -e
. /usr/share/debconf/confmodule
## Load configuration does not matter if we are installing or upgrading
db_get opengnsys/oglog_opensearchInitialPassword
OPENSEARCH_INITIAL_ADMIN_PASSWORD="$RET"
db_get opengnsys/oglog_ogCoreIp
OGCORE_SERVER="$RET"
db_get opengnsys/oglog_ogLogIp
OGLOG_SERVER="$RET"
db_get opengnsys/oglog_subdomain
SUBDOMAIN="$RET"
db_get opengnsys/oglog_certificateAltNames
CERT_ALT_NAMES="$RET"
export OGCORE_SERVER
export OGLOG_SERVER
export SUBDOMAIN
export OPENSEARCH_INITIAL_ADMIN_PASSWORD
## Global variables
SSL_DIR="/opt/opengnsys/oglog/etc/certs"
backup_file() {
local FILE="$1"
if [ -f "$FILE" ]; then
local BACKUP_FILE="${FILE}.bak"
echo "Backing up $FILE to $BACKUP_FILE"
cp "$FILE" "$BACKUP_FILE"
else
echo "File $FILE does not exist, skipping backup."
fi
}
generate_demo_cert() {
local ALTNAMES="$1"
local KEY="$SSL_DIR/server.key"
local CERT="$SSL_DIR/server.crt"
local CN=oglog.local
mkdir -p "$SSL_DIR"
# Crear archivo san.cnf para OpenSSL
cat > "$SSL_DIR/san.cnf" <<EOF
[req]
distinguished_name=req_distinguished_name
x509_extensions=v3_req
prompt=no
[req_distinguished_name]
CN=$CN
[v3_req]
subjectAltName=@alt_names
[alt_names]
EOF
# Inicializar contadores
local dns_i=1
local ip_i=1
IFS=',' read -ra SAN_ENTRIES <<< "$ALTNAMES"
for entry in "${SAN_ENTRIES[@]}"; do
if [[ $entry =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "IP.$ip_i = $entry" >> "$SSL_DIR/san.cnf"
((ip_i++))
elif [[ $entry =~ ^[a-zA-Z0-9.-]+$ ]]; then
echo "DNS.$dns_i = $entry" >> "$SSL_DIR/san.cnf"
((dns_i++))
else
echo "Ignorado (formato inválido): $entry"
fi
done
# Generar certificado
openssl req -x509 -new -nodes -newkey rsa:2048 \
-keyout "$KEY" \
-out "$CERT" \
-days 365 \
-config "$SSL_DIR/san.cnf" \
-extensions v3_req
chmod 0644 "$KEY"
chmod 0644 "$CERT"
echo "Certificado generado con:"
echo " - CN=$CN"
echo " - SANs: $ALTNAMES"
}
update_etc_hosts() {
local CN="oglog.local"
local HOSTS_FILE="/etc/hosts"
# Si CN ya está en /etc/hosts, no hacemos nada
if grep -q "$CN" "$HOSTS_FILE"; then
echo "El CN '$CN' ya está en $HOSTS_FILE, no se requiere actualización."
return
fi
echo "Actualizando $HOSTS_FILE para incluir el CN '$CN'."
# Agregar CN a la entrada de localhost en /etc/hosts
sudo sed -i "/127.0.0.1/s/$/ $CN/" /etc/hosts
}
### Main script execution starts here ###
configure_file() {
SRC_PATH=$1
DEST_PATH=$2
if [ -f "$SRC_PATH" ]; then
DEST_DIR=$(dirname "$DEST_PATH")
mkdir -p "$DEST_DIR"
echo "Configuring $DEST_PATH from $SRC_PATH"
envsubst < "$SRC_PATH" > "$DEST_PATH"
chmod 644 "$DEST_PATH"
chown "$USER":"$GROUP" "$DEST_PATH"
else
echo "Source file $SRC_PATH does not exist, skipping configuration."
fi
}
configure_journal_remote() {
local CONFIG_FILE="/etc/systemd/journal-remote.conf"
local SSL_CERT="$SSL_DIR/server.crt"
local SSL_KEY="$SSL_DIR/server.key"
sed -i "s|^# *ServerCertificateFile=.*|ServerCertificateFile=${SSL_CERT}|" /etc/systemd/journal-remote.conf
sed -i "s|^# *ServerPrivateKeyFile=.*|ServerPrivateKeyFile=${SSL_KEY}|" /etc/systemd/journal-remote.conf
sed -i "s|^# *TrustedCertificateFile=.*|TrustedCertificateFile=all|" /etc/systemd/journal-remote.conf
}
configure_opensearch_certiticates() {
local DEST_CERTS_DIR="/etc/opensearch/certs"
mkdir -p "$DEST_CERTS_DIR"
cp "$SSL_DIR/server.crt" "$DEST_CERTS_DIR/server.crt"
cp "$SSL_DIR/server.key" "$DEST_CERTS_DIR/server.key"
chown opensearch:opensearch "$DEST_CERTS_DIR/server.crt"
chown opensearch:opensearch "$DEST_CERTS_DIR/server.key"
chmod 644 "$DEST_CERTS_DIR/server.crt"
chmod 600 "$DEST_CERTS_DIR/server.key"
}
configure_opensearch_dashboards_certificates() {
local DEST_CERTS_DIR="/etc/opensearch-dashboards/certs"
mkdir -p "$DEST_CERTS_DIR"
cp "$SSL_DIR/server.crt" "$DEST_CERTS_DIR/server.crt"
cp "$SSL_DIR/server.key" "$DEST_CERTS_DIR/server.key"
chown opensearch-dashboards:opensearch-dashboards "$DEST_CERTS_DIR/server.crt"
chown opensearch-dashboards:opensearch-dashboards "$DEST_CERTS_DIR/server.key"
chmod 644 "$DEST_CERTS_DIR/server.crt"
chmod 600 "$DEST_CERTS_DIR/server.key"
}
configure_journalbeat_certificates() {
local DEST_CERTS_DIR="/etc/journalbeat/certs"
mkdir -p "$DEST_CERTS_DIR"
cp "$SSL_DIR/server.crt" "$DEST_CERTS_DIR/server.crt"
cp "$SSL_DIR/server.key" "$DEST_CERTS_DIR/server.key"
chown root:root "$DEST_CERTS_DIR/server.crt"
chown root:root "$DEST_CERTS_DIR/server.key"
chmod 644 "$DEST_CERTS_DIR/server.crt"
chmod 600 "$DEST_CERTS_DIR/server.key"
}
configure_grafana(){
local BASE_DIR="/etc/grafana"
local TMPLATE_BASE_DIR="/opt/opengnsys/oglog/etc/grafana"
local OPENSEARCH_TMPL_FILE="$TMPLATE_BASE_DIR/provisioning/datasources/opensearch.yaml"
local OPENSEARCH_FILE="$BASE_DIR/provisioning/datasources/opensearch.yaml"
# Install OpenSearch datasource plugin if not already installed
if ! grafana-cli plugins ls | grep -q "grafana-opensearch-datasource"; then
echo "Installing OpenSearch datasource plugin for Grafana..."
grafana-cli plugins install grafana-opensearch-datasource
fi
envsubst < "$OPENSEARCH_TMPL_FILE" > "$OPENSEARCH_FILE"
chown grafana:grafana "$OPENSEARCH_FILE"
chmod 644 "$OPENSEARCH_FILE"
echo "Configuring Grafana with OpenSearch datasource at $OPENSEARCH_FILE"
}
create_opensearch_index() {
echo "Creating OpenSearch index patterns and initial index..."
echo "Creating OpenSearch index pattern filebeat-*"
curl --insecure -X POST "https://${OGLOG_SERVER}:9200/.kibana/_doc/index-pattern:filebeat-*" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header 'Content-Type: application/json' \
--data '{
"type": "index-pattern",
"index-pattern": {
"title": "filebeat-*",
"timeFieldName": "@timestamp"
}
}'
echo $?
echo "Creating OpenSearch index pattern for journalbeat-*"
curl --insecure -X POST "https://${OGLOG_SERVER}:9200/.kibana/_doc/index-pattern:journalbeat-*" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header 'Content-Type: application/json' \
--data '{
"type": "index-pattern",
"index-pattern": {
"title": "journalbeat-*",
"timeFieldName": "@timestamp"
}
}'
echo $?
echo "Creating OpenSearch index filebeat-000001"
curl --insecure -X PUT "https://${OGLOG_SERVER}:9200/filebeat-000001" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header 'Content-Type: application/json' \
--data '{
"mappings": {
"properties": {
"@timestamp": { "type": "date" },
"message": { "type": "text" }
}
}
}'
echo $?
echo
## Import ingestion pipelines for opensearch
echo "Importing OpenSearch ingestion pipelines..."
jq -c 'to_entries[]' "/opt/opengnsys/oglog/etc/opensearch/pipelines.json" | while read -r entry
do
name=$(echo "$entry" | jq -r '.key')
body=$(echo "$entry" | jq -c '.value')
echo "Importing pipeline: $name"
curl --insecure -X PUT "https://${OGLOG_SERVER}:9200/_ingest/pipeline/$name" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header "Content-Type: application/json" \
--data "$body"
echo
done
}
restart_services() {
echo "Restarting services..."
systemctl daemon-reload
systemctl restart opensearch
systemctl restart opensearch-dashboards
systemctl restart grafana-server
systemctl restart journalbeat
systemctl restart prometheus
systemctl restart systemd-journal-remote
}
case $1 in
configure)
PREV_VERSION="$2"
if [ -z "$PREV_VERSION" ]; then
# Instalación inicial
echo "No previous version found, running initial configuration."
backup_file "$SSL_DIR/server.key"
backup_file "$SSL_DIR/server.crt"
generate_demo_cert "$CERT_ALT_NAMES"
update_etc_hosts
configure_file "/opt/opengnsys/oglog/etc/grafana/grafana.ini" "/etc/grafana/grafana.ini" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/datasources/prometheus.yaml" "/etc/grafana/provisioning/datasources/prometheus.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/dashboards/dashboard.yaml" "/etc/grafana/provisioning/dashboards/dashboard.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/alerting/alerts.yaml" "/etc/grafana/provisioning/alerting/alerts.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/alerting/contactpoint.yaml" "/etc/grafana/provisioning/alerting/contactpoint.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/journalbeat/journalbeat.yml" "/etc/journalbeat/journalbeat.yml" root root
configure_file "/opt/opengnsys/oglog/etc/opensearch/opensearch.yml" "/etc/opensearch/opensearch.yml" opensearch opensearch
configure_file "/opt/opengnsys/oglog/etc/opensearch-dashboards/opensearch_dashboards.yml" "/etc/opensearch-dashboards/opensearch_dashboards.yml" opensearch-dashboards opensearch-dashboards
configure_file "/opt/opengenys/oglog/etc/prometheus/prometheus.yml" "/etc/prometheus/prometheus.yml" root root
configure_file "/opt/opengnsys/oglog/etc/prometheus/web-config.yml" "/etc/prometheus/web-config.yml" root root
configure_journal_remote
configure_opensearch_certiticates
configure_opensearch_dashboards_certificates
configure_journalbeat_certificates
configure_grafana
restart_services
sleep 5
echo "Creating OpenSearch index patterns and initial index..."
create_opensearch_index
else
echo "Upgrading from version $PREV_VERSION."
# Perform upgrade actions here if needed
fi
;;
*)
echo "Unknown action: $1"
exit 1
;;
esac

6
debian/oglog.postrm.debhelper vendored Normal file
View File

@ -0,0 +1,6 @@
# Automatically added by dh_installdebconf/13.14.1ubuntu5
if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then
. /usr/share/debconf/confmodule
db_purge
fi
# End automatically added section

2
debian/oglog.substvars vendored Normal file
View File

@ -0,0 +1,2 @@
misc:Depends=debconf (>= 0.5) | debconf-2.0
misc:Pre-Depends=

25
debian/oglog.templates vendored Normal file
View File

@ -0,0 +1,25 @@
Template: opengnsys/oglog_certificateAltNames
Type: string
Default: localhost
Description: Introduzca los nombres alternativos del certificado de OpenGNSys Log separados por comas
Template: opengnsys/oglog_opensearchInitialPassword
Type: password
Default: CorrectHorse_BatteryStaple1
Description: Introduzca la contraseña inicial de OpenSearch
Template: opengnsys/oglog_ogCoreIp
Type: string
Default: 127.0.0.1
Description: Introduzca la IP del servidor OpenGNSys Core
Template: opengnsys/oglog_ogLogIp
Type: string
Default: 127.0.0.1
Description: Introduzca la IP del servidor OpenGNSys Log
Template: opengnsys/oglog_subdomain
Type: string
Default: opengnsys
Description: Introduzca el subdominio para OpenGNSys Log

12
debian/oglog/DEBIAN/config vendored Executable file
View File

@ -0,0 +1,12 @@
#!/bin/bash
. /usr/share/debconf/confmodule
# Mostrar las preguntas al usuario en orden deseado
db_input high opengnsys/oglog_opensearchInitialPassword || true
db_input high opengnsys/oglog_ogCoreIp || true
db_input high opengnsys/oglog_ogLogIp || true
db_input high opengnsys/oglog_subdomain || true
db_input high opengnsys/oglog_certificateAltNames || true
# Lanzar el diálogo con el usuario
db_go

13
debian/oglog/DEBIAN/control vendored Normal file
View File

@ -0,0 +1,13 @@
Package: oglog
Version: 0.0.1-1
Architecture: amd64
Maintainer: Nicolas Arenas <narenas@qindel.com>
Installed-Size: 1521
Depends: debconf (>= 0.5) | debconf-2.0, opensearch, opensearch-dashboards, grafana, systemd-journal-remote, prometheus, journalbeat
Section: unknown
Priority: optional
Multi-Arch: foreign
Homepage: https://opengnsys.es
Description: auto-generated package by debmake
This Debian binary package was auto-generated by the
debmake(1) command provided by the debmake package.

27
debian/oglog/DEBIAN/md5sums vendored Normal file
View File

@ -0,0 +1,27 @@
b21eb22a15f70b9f4effb9c861a151ac opt/opengnsys/oglog/etc/filebeat/filebeat.yml
a1bca00a415f8e6ad671c9fc0e5aa599 opt/opengnsys/oglog/etc/grafana/dashboards/1860.json
fe48324bff332d3008b7ea20ef347c86 opt/opengnsys/oglog/etc/grafana/grafana.ini
5f30e6a73714660772795757730672a0 opt/opengnsys/oglog/etc/grafana/provisioning/alerting/alerts.yaml
6f792b6660385b5205bb88ec72017ff5 opt/opengnsys/oglog/etc/grafana/provisioning/alerting/contactpoint.yaml
e3e158174e4b0c887e3ebf8ab3270998 opt/opengnsys/oglog/etc/grafana/provisioning/dashboards/dashboard.yaml
210879070a80d49bc39325365568cfc2 opt/opengnsys/oglog/etc/grafana/provisioning/datasources/opensearch.yaml
c88702f9f323cb1c5769528af963d926 opt/opengnsys/oglog/etc/grafana/provisioning/datasources/prometheus.yaml
c9948ab4dcf48d6f964b7f5cb5a71b6e opt/opengnsys/oglog/etc/grafana/resources/alerts/alert-rules.json
c74acaaf45ab0129421e574020850d4d opt/opengnsys/oglog/etc/grafana/resources/dashboards/.json
61a25398ebaac88dc31463dcaaed53fc opt/opengnsys/oglog/etc/grafana/resources/dashboards/Estado_actual_de_los_clientes.json
111a7056ca200c19c3dfdc831462c7aa opt/opengnsys/oglog/etc/grafana/resources/dashboards/Node_Exporter_Full.json
83a8a06018e829535d16d477d8c0c1ad opt/opengnsys/oglog/etc/grafana/resources/dashboards/Peticiones_nginx.json
f683ca4a448cc6379d6f7ea0be4905d5 opt/opengnsys/oglog/etc/grafana/resources/dashboards/Traceo_y_comandos.json
d2b04ad33afe5f7817693c09fd028f58 opt/opengnsys/oglog/etc/grafana/resources/dashboards/Uso_de_IPs_de_subred.json
c74acaaf45ab0129421e574020850d4d opt/opengnsys/oglog/etc/grafana/resources/dashboards/null.json
b331b2d52722185ffe696134f2f21574 opt/opengnsys/oglog/etc/grafana/resources/datasources/datasources.json
bb9d630a4043ca40a02fc7d151def533 opt/opengnsys/oglog/etc/journalbeat/journalbeat.yml
6dfcc99992924abe469b3c37a5721a35 opt/opengnsys/oglog/etc/opensearch-dashboards/opensearch_dashboards.yml
f910f0079cac0a6c878001aa8d931cb6 opt/opengnsys/oglog/etc/opensearch-dashboards/saved_searches.ndjson
8265cff9992dbf2c247146a948ddc07b opt/opengnsys/oglog/etc/opensearch/opensearch.yml
9accc84d9ccdaf5dd7bb60ca69301bf1 opt/opengnsys/oglog/etc/opensearch/pipelines.json
91005de9a7933fc879fee2f8602a966e opt/opengnsys/oglog/etc/prometheus/prometheus.yml
b782a19c68d9f34cb55f907eba24bf97 opt/opengnsys/oglog/etc/prometheus/web-config.yml
8be54476ab923c429c20607c575a8878 usr/share/doc/oglog/README.Debian
91bbdf3919c8302a03cba3b728f55bc0 usr/share/doc/oglog/changelog.Debian.gz
26470036a67b744fed35f11a0c96fd2f usr/share/doc/oglog/copyright

299
debian/oglog/DEBIAN/postinst vendored Executable file
View File

@ -0,0 +1,299 @@
#!/bin/bash
set -e
. /usr/share/debconf/confmodule
## Load configuration does not matter if we are installing or upgrading
db_get opengnsys/oglog_opensearchInitialPassword
OPENSEARCH_INITIAL_ADMIN_PASSWORD="$RET"
db_get opengnsys/oglog_ogCoreIp
OGCORE_SERVER="$RET"
db_get opengnsys/oglog_ogLogIp
OGLOG_SERVER="$RET"
db_get opengnsys/oglog_subdomain
SUBDOMAIN="$RET"
db_get opengnsys/oglog_certificateAltNames
CERT_ALT_NAMES="$RET"
export OGCORE_SERVER
export OGLOG_SERVER
export SUBDOMAIN
export OPENSEARCH_INITIAL_ADMIN_PASSWORD
## Global variables
SSL_DIR="/opt/opengnsys/oglog/etc/certs"
backup_file() {
local FILE="$1"
if [ -f "$FILE" ]; then
local BACKUP_FILE="${FILE}.bak"
echo "Backing up $FILE to $BACKUP_FILE"
cp "$FILE" "$BACKUP_FILE"
else
echo "File $FILE does not exist, skipping backup."
fi
}
generate_demo_cert() {
local ALTNAMES="$1"
local KEY="$SSL_DIR/server.key"
local CERT="$SSL_DIR/server.crt"
local CN=oglog.local
mkdir -p "$SSL_DIR"
# Crear archivo san.cnf para OpenSSL
cat > "$SSL_DIR/san.cnf" <<EOF
[req]
distinguished_name=req_distinguished_name
x509_extensions=v3_req
prompt=no
[req_distinguished_name]
CN=$CN
[v3_req]
subjectAltName=@alt_names
[alt_names]
EOF
# Inicializar contadores
local dns_i=1
local ip_i=1
IFS=',' read -ra SAN_ENTRIES <<< "$ALTNAMES"
for entry in "${SAN_ENTRIES[@]}"; do
if [[ $entry =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
echo "IP.$ip_i = $entry" >> "$SSL_DIR/san.cnf"
((ip_i++))
elif [[ $entry =~ ^[a-zA-Z0-9.-]+$ ]]; then
echo "DNS.$dns_i = $entry" >> "$SSL_DIR/san.cnf"
((dns_i++))
else
echo "Ignorado (formato inválido): $entry"
fi
done
# Generar certificado
openssl req -x509 -new -nodes -newkey rsa:2048 \
-keyout "$KEY" \
-out "$CERT" \
-days 365 \
-config "$SSL_DIR/san.cnf" \
-extensions v3_req
chmod 0644 "$KEY"
chmod 0644 "$CERT"
echo "Certificado generado con:"
echo " - CN=$CN"
echo " - SANs: $ALTNAMES"
}
update_etc_hosts() {
local CN="oglog.local"
local HOSTS_FILE="/etc/hosts"
# Si CN ya está en /etc/hosts, no hacemos nada
if grep -q "$CN" "$HOSTS_FILE"; then
echo "El CN '$CN' ya está en $HOSTS_FILE, no se requiere actualización."
return
fi
echo "Actualizando $HOSTS_FILE para incluir el CN '$CN'."
# Agregar CN a la entrada de localhost en /etc/hosts
sudo sed -i "/127.0.0.1/s/$/ $CN/" /etc/hosts
}
### Main script execution starts here ###
configure_file() {
SRC_PATH=$1
DEST_PATH=$2
if [ -f "$SRC_PATH" ]; then
DEST_DIR=$(dirname "$DEST_PATH")
mkdir -p "$DEST_DIR"
echo "Configuring $DEST_PATH from $SRC_PATH"
envsubst < "$SRC_PATH" > "$DEST_PATH"
chmod 644 "$DEST_PATH"
chown "$USER":"$GROUP" "$DEST_PATH"
else
echo "Source file $SRC_PATH does not exist, skipping configuration."
fi
}
configure_journal_remote() {
local CONFIG_FILE="/etc/systemd/journal-remote.conf"
local SSL_CERT="$SSL_DIR/server.crt"
local SSL_KEY="$SSL_DIR/server.key"
sed -i "s|^# *ServerCertificateFile=.*|ServerCertificateFile=${SSL_CERT}|" /etc/systemd/journal-remote.conf
sed -i "s|^# *ServerPrivateKeyFile=.*|ServerPrivateKeyFile=${SSL_KEY}|" /etc/systemd/journal-remote.conf
sed -i "s|^# *TrustedCertificateFile=.*|TrustedCertificateFile=all|" /etc/systemd/journal-remote.conf
}
configure_opensearch_certiticates() {
local DEST_CERTS_DIR="/etc/opensearch/certs"
mkdir -p "$DEST_CERTS_DIR"
cp "$SSL_DIR/server.crt" "$DEST_CERTS_DIR/server.crt"
cp "$SSL_DIR/server.key" "$DEST_CERTS_DIR/server.key"
chown opensearch:opensearch "$DEST_CERTS_DIR/server.crt"
chown opensearch:opensearch "$DEST_CERTS_DIR/server.key"
chmod 644 "$DEST_CERTS_DIR/server.crt"
chmod 600 "$DEST_CERTS_DIR/server.key"
}
configure_opensearch_dashboards_certificates() {
local DEST_CERTS_DIR="/etc/opensearch-dashboards/certs"
mkdir -p "$DEST_CERTS_DIR"
cp "$SSL_DIR/server.crt" "$DEST_CERTS_DIR/server.crt"
cp "$SSL_DIR/server.key" "$DEST_CERTS_DIR/server.key"
chown opensearch-dashboards:opensearch-dashboards "$DEST_CERTS_DIR/server.crt"
chown opensearch-dashboards:opensearch-dashboards "$DEST_CERTS_DIR/server.key"
chmod 644 "$DEST_CERTS_DIR/server.crt"
chmod 600 "$DEST_CERTS_DIR/server.key"
}
configure_journalbeat_certificates() {
local DEST_CERTS_DIR="/etc/journalbeat/certs"
mkdir -p "$DEST_CERTS_DIR"
cp "$SSL_DIR/server.crt" "$DEST_CERTS_DIR/server.crt"
cp "$SSL_DIR/server.key" "$DEST_CERTS_DIR/server.key"
chown root:root "$DEST_CERTS_DIR/server.crt"
chown root:root "$DEST_CERTS_DIR/server.key"
chmod 644 "$DEST_CERTS_DIR/server.crt"
chmod 600 "$DEST_CERTS_DIR/server.key"
}
configure_grafana(){
local BASE_DIR="/etc/grafana"
local TMPLATE_BASE_DIR="/opt/opengnsys/oglog/etc/grafana"
local OPENSEARCH_TMPL_FILE="$TMPLATE_BASE_DIR/provisioning/datasources/opensearch.yaml"
local OPENSEARCH_FILE="$BASE_DIR/provisioning/datasources/opensearch.yaml"
# Install OpenSearch datasource plugin if not already installed
if ! grafana-cli plugins ls | grep -q "grafana-opensearch-datasource"; then
echo "Installing OpenSearch datasource plugin for Grafana..."
grafana-cli plugins install grafana-opensearch-datasource
fi
envsubst < "$OPENSEARCH_TMPL_FILE" > "$OPENSEARCH_FILE"
chown grafana:grafana "$OPENSEARCH_FILE"
chmod 644 "$OPENSEARCH_FILE"
echo "Configuring Grafana with OpenSearch datasource at $OPENSEARCH_FILE"
}
create_opensearch_index() {
echo "Creating OpenSearch index patterns and initial index..."
echo "Creating OpenSearch index pattern filebeat-*"
curl --insecure -X POST "https://${OGLOG_SERVER}:9200/.kibana/_doc/index-pattern:filebeat-*" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header 'Content-Type: application/json' \
--data '{
"type": "index-pattern",
"index-pattern": {
"title": "filebeat-*",
"timeFieldName": "@timestamp"
}
}'
echo $?
echo "Creating OpenSearch index pattern for journalbeat-*"
curl --insecure -X POST "https://${OGLOG_SERVER}:9200/.kibana/_doc/index-pattern:journalbeat-*" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header 'Content-Type: application/json' \
--data '{
"type": "index-pattern",
"index-pattern": {
"title": "journalbeat-*",
"timeFieldName": "@timestamp"
}
}'
echo $?
echo "Creating OpenSearch index filebeat-000001"
curl --insecure -X PUT "https://${OGLOG_SERVER}:9200/filebeat-000001" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header 'Content-Type: application/json' \
--data '{
"mappings": {
"properties": {
"@timestamp": { "type": "date" },
"message": { "type": "text" }
}
}
}'
echo $?
echo
## Import ingestion pipelines for opensearch
echo "Importing OpenSearch ingestion pipelines..."
jq -c 'to_entries[]' "/opt/opengnsys/oglog/etc/opensearch/pipelines.json" | while read -r entry
do
name=$(echo "$entry" | jq -r '.key')
body=$(echo "$entry" | jq -c '.value')
echo "Importing pipeline: $name"
curl --insecure -X PUT "https://${OGLOG_SERVER}:9200/_ingest/pipeline/$name" \
--user "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--header "Content-Type: application/json" \
--data "$body"
echo
done
}
restart_services() {
echo "Restarting services..."
systemctl daemon-reload
systemctl restart opensearch
systemctl restart opensearch-dashboards
systemctl restart grafana-server
systemctl restart journalbeat
systemctl restart prometheus
systemctl restart systemd-journal-remote
}
case $1 in
configure)
PREV_VERSION="$2"
if [ -z "$PREV_VERSION" ]; then
# Instalación inicial
echo "No previous version found, running initial configuration."
backup_file "$SSL_DIR/server.key"
backup_file "$SSL_DIR/server.crt"
generate_demo_cert "$CERT_ALT_NAMES"
update_etc_hosts
configure_file "/opt/opengnsys/oglog/etc/grafana/grafana.ini" "/etc/grafana/grafana.ini" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/datasources/prometheus.yaml" "/etc/grafana/provisioning/datasources/prometheus.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/dashboards/dashboard.yaml" "/etc/grafana/provisioning/dashboards/dashboard.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/alerting/alerts.yaml" "/etc/grafana/provisioning/alerting/alerts.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/grafana/provisioning/alerting/contactpoint.yaml" "/etc/grafana/provisioning/alerting/contactpoint.yaml" grafana grafana
configure_file "/opt/opengnsys/oglog/etc/journalbeat/journalbeat.yml" "/etc/journalbeat/journalbeat.yml" root root
configure_file "/opt/opengnsys/oglog/etc/opensearch/opensearch.yml" "/etc/opensearch/opensearch.yml" opensearch opensearch
configure_file "/opt/opengnsys/oglog/etc/opensearch-dashboards/opensearch_dashboards.yml" "/etc/opensearch-dashboards/opensearch_dashboards.yml" opensearch-dashboards opensearch-dashboards
configure_file "/opt/opengenys/oglog/etc/prometheus/prometheus.yml" "/etc/prometheus/prometheus.yml" root root
configure_file "/opt/opengnsys/oglog/etc/prometheus/web-config.yml" "/etc/prometheus/web-config.yml" root root
configure_journal_remote
configure_opensearch_certiticates
configure_opensearch_dashboards_certificates
configure_journalbeat_certificates
configure_grafana
restart_services
sleep 5
echo "Creating OpenSearch index patterns and initial index..."
create_opensearch_index
else
echo "Upgrading from version $PREV_VERSION."
# Perform upgrade actions here if needed
fi
;;
*)
echo "Unknown action: $1"
exit 1
;;
esac

8
debian/oglog/DEBIAN/postrm vendored Executable file
View File

@ -0,0 +1,8 @@
#!/bin/sh
set -e
# Automatically added by dh_installdebconf/13.14.1ubuntu5
if [ "$1" = purge ] && [ -e /usr/share/debconf/confmodule ]; then
. /usr/share/debconf/confmodule
db_purge
fi
# End automatically added section

25
debian/oglog/DEBIAN/templates vendored Normal file
View File

@ -0,0 +1,25 @@
Template: opengnsys/oglog_certificateAltNames
Type: string
Default: localhost
Description: Introduzca los nombres alternativos del certificado de OpenGNSys Log separados por comas
Template: opengnsys/oglog_opensearchInitialPassword
Type: password
Default: CorrectHorse_BatteryStaple1
Description: Introduzca la contraseña inicial de OpenSearch
Template: opengnsys/oglog_ogCoreIp
Type: string
Default: 127.0.0.1
Description: Introduzca la IP del servidor OpenGNSys Core
Template: opengnsys/oglog_ogLogIp
Type: string
Default: 127.0.0.1
Description: Introduzca la IP del servidor OpenGNSys Log
Template: opengnsys/oglog_subdomain
Type: string
Default: opengnsys
Description: Introduzca el subdominio para OpenGNSys Log

29
debian/oglog/opt/opengnsys/oglog/etc/filebeat/filebeat.yml vendored Normal file
View File

@ -0,0 +1,29 @@
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/opengnsys.log
- /home/*/opengnsys.log
setup.template.settings:
index.number_of_shards: 1
output.elasticsearch:
hosts: ["https://oglog-os.${SUBDOMAIN}:9200"]
username: "admin"
password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
protocol: "https"
ssl.enabled: true
ssl.verification_mode: full
ssl.certificate: "/etc/filebeat/ogagent-fb.${SUBDOMAIN}.crt.pem"
ssl.key: "/etc/filebeat/ogagent-fb.${SUBDOMAIN}.key.pem"
processors:
- add_host_metadata:
when.not.contains.tags: forwarded
- add_cloud_metadata: ~
- add_docker_metadata: ~
- add_kubernetes_metadata: ~
seccomp.enabled: false

23899
debian/oglog/opt/opengnsys/oglog/etc/grafana/dashboards/1860.json vendored Normal file
View File

File diff suppressed because it is too large Load Diff

33
debian/oglog/opt/opengnsys/oglog/etc/grafana/grafana.ini vendored Normal file
View File

@ -0,0 +1,33 @@
[server]
protocol = https
cert_file = /opt/opengnsys/oglog/etc/certs/server.crt
cert_key = /opt/opengnsys/oglog/etc/certs/server.key
http_port = 3030
[analytics]
reporting_enabled = false
check_for_updates = false
check_for_plugin_updates = false
[database]
type = sqlite3
path = /var/lib/grafana/grafana.db
[auth]
disable_login_form = false
#################################### SMTP / Emailing ##########################
[smtp]
enabled = true
host = smtp.qindel.es:465
user = lgromero@qindel.com
password = ***
;cert_file =
;key_file =
skip_verify = true
from_address = lgromero@qindel.com
from_name = Grafana
[emails]
welcome_email_on_sign_up = false

133
debian/oglog/opt/opengnsys/oglog/etc/grafana/provisioning/alerting/alerts.yaml vendored Normal file
View File

@ -0,0 +1,133 @@
apiVersion: 1
groups:
- orgId: 1
name: root-disk-usage-check
folder: Node Exporter Alerts
interval: 1m
rules:
- uid: deknkrm5dz400b
title: Root FS Used
condition: C
data:
- refId: A
relativeTimeRange:
from: 86400
to: 0
datasourceUid: PBFA97CFB590B2093
model:
adhocFilters: []
datasource:
type: prometheus
uid: PBFA97CFB590B2093
editorMode: code
exemplar: false
expr: 100 - ((node_filesystem_avail_bytes{instance="ogserver.opengnsys:9100",job="ogserver",mountpoint="/",fstype!="rootfs"} * 100) / node_filesystem_size_bytes{instance="ogserver.opengnsys:9100",job="ogserver",mountpoint="/",fstype!="rootfs"})
format: time_series
instant: true
interval: ""
intervalFactor: 1
intervalMs: 15000
maxDataPoints: 43200
range: false
refId: A
step: 240
- refId: C
datasourceUid: __expr__
model:
conditions:
- evaluator:
params:
- 90
type: gt
operator:
type: and
query:
params:
- C
reducer:
params: []
type: last
type: query
datasource:
type: __expr__
uid: __expr__
expression: A
intervalMs: 1000
maxDataPoints: 43200
refId: C
type: threshold
dashboardUid: rYdddlPWk
panelId: 154
noDataState: NoData
execErrState: Error
annotations:
__dashboardUid__: rYdddlPWk
__panelId__: "154"
description: |-
Porcentaje de uso actual: ${A.Value}%
Punto de montaje: /
Job: ${__field.labels.job}
summary: 'Alerta: Uso alto del sistema de archivos raíz en ${__field.labels.instance}'
isPaused: false
notification_settings:
receiver: lgromero-email
- orgId: 1
name: server-host-down
folder: Node Exporter Alerts
interval: 10s
rules:
- uid: deknvl4y9svlsb
title: Server Down
condition: C
data:
- refId: A
relativeTimeRange:
from: 600
to: 0
datasourceUid: PBFA97CFB590B2093
model:
disableTextWrap: false
editorMode: builder
expr: up{job="ogserver"} == bool 0
fullMetaSearch: false
includeNullMetadata: true
instant: true
intervalMs: 1000
legendFormat: __auto
maxDataPoints: 43200
range: false
refId: A
useBackend: false
- refId: C
datasourceUid: __expr__
model:
conditions:
- evaluator:
params:
- 1
type: lt
operator:
type: and
query:
params:
- C
reducer:
params: []
type: last
type: query
datasource:
type: __expr__
uid: __expr__
expression: A
intervalMs: 1000
maxDataPoints: 43200
refId: C
type: threshold
noDataState: NoData
execErrState: Error
annotations:
description: Servidor ogcore caido
summary: Servidor ogcore caido
isPaused: false
notification_settings:
receiver: lgromero-email

19
debian/oglog/opt/opengnsys/oglog/etc/grafana/provisioning/alerting/contactpoint.yaml vendored Normal file
View File

@ -0,0 +1,19 @@
apiVersion: 1
contactPoints:
- orgId: 1
name: email receiver
receivers:
- uid: "email-receiver-uid"
type: email
settings:
addresses: <example@email.com>
disableResolveMessage: false
- orgId: 1
name: lgromero-email
receivers:
- uid: ceknjwd00htkwb
type: email
settings:
addresses: lgromero@qindel.com;qindel@opengnsys.es
singleEmail: false
disableResolveMessage: false

8
debian/oglog/opt/opengnsys/oglog/etc/grafana/provisioning/dashboards/dashboard.yaml vendored Normal file
View File

@ -0,0 +1,8 @@
apiVersion: 1
providers:
- name: 'default'
folder: ''
type: file
options:
path: /etc/grafana/dashboards

21
debian/oglog/opt/opengnsys/oglog/etc/grafana/provisioning/datasources/opensearch.yaml vendored Normal file
View File

@ -0,0 +1,21 @@
# Configuración de provisioning de datasource OpenSearch
apiVersion: 1
datasources:
- name: OpenSearch
type: grafana-opensearch-datasource
uid: opensearch-ds
access: proxy
url: https://${OGLOG_SERVER}:9200
basicAuth: true
basicAuthUser: admin
version: 2
secureJsonData:
basicAuthPassword: ${OPENSEARCH_INITIAL_ADMIN_PASSWORD}
jsonData:
version: 2.19.2
tlsSkipVerify: true
serverName: "${OGLOG_SERVER}"
timeField: "@timestamp"
database: "journalbeat-*"
flavor: "OpenSearch"
editable: true

8
debian/oglog/opt/opengnsys/oglog/etc/grafana/provisioning/datasources/prometheus.yaml vendored Normal file
View File

@ -0,0 +1,8 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
access: proxy
url: https://${OGLOG_SERVER}:9090
isDefault: true

148
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/alerts/alert-rules.json vendored Normal file
View File

@ -0,0 +1,148 @@
[
{
"id": 1,
"uid": "fehoe93yzz20wf",
"orgID": 1,
"folderUID": "eehoe7oh9bs3kd",
"ruleGroup": "grupo-cada-1m",
"title": "Subred alta ocupación",
"condition": "C",
"data": [
{
"refId": "A",
"queryType": "",
"relativeTimeRange": {
"from": 600,
"to": 0
},
"datasourceUid": "dea978mh1bncwf",
"model": {
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"hide": false,
"intervalMs": 1000,
"maxDataPoints": 43200,
"rawQuery": true,
"rawSql": "SELECT\n s.name AS metric,\n ROUND(100 * COUNT(c.id) / (POW(2, 32 - BIT_COUNT(INET_ATON(s.netmask))) - 2), 2) AS usage_percentage\nFROM subnet s\nLEFT JOIN client c ON c.subnet_id = s.id\nGROUP BY s.id, s.name, s.netmask\nHAVING usage_percentage >= 80;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
},
{
"refId": "B",
"queryType": "",
"relativeTimeRange": {
"from": 0,
"to": 0
},
"datasourceUid": "__expr__",
"model": {
"conditions": [
{
"evaluator": {
"params": [],
"type": "gt"
},
"operator": {
"type": "and"
},
"query": {
"params": [
"B"
]
},
"reducer": {
"params": [],
"type": "last"
},
"type": "query"
}
],
"datasource": {
"type": "__expr__",
"uid": "__expr__"
},
"expression": "A",
"intervalMs": 1000,
"maxDataPoints": 43200,
"reducer": "last",
"refId": "B",
"type": "reduce"
}
},
{
"refId": "C",
"queryType": "",
"relativeTimeRange": {
"from": 0,
"to": 0
},
"datasourceUid": "__expr__",
"model": {
"conditions": [
{
"evaluator": {
"params": [
80
],
"type": "gt"
},
"operator": {
"type": "and"
},
"query": {
"params": [
"C"
]
},
"reducer": {
"params": [],
"type": "last"
},
"type": "query"
}
],
"datasource": {
"type": "__expr__",
"uid": "__expr__"
},
"expression": "A",
"intervalMs": 1000,
"maxDataPoints": 43200,
"refId": "C",
"type": "threshold"
}
}
],
"updated": "2025-04-02T07:36:00Z",
"noDataState": "NoData",
"execErrState": "Error",
"for": "1m",
"isPaused": false,
"notification_settings": {
"receiver": "grafana-default-email"
},
"record": null
}
]

7
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/.json vendored Normal file
View File

@ -0,0 +1,7 @@
{
"extra": null,
"message": "Expired API key",
"messageId": "api-key.expired",
"statusCode": 401,
"traceID": ""
}

485
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/Estado_actual_de_los_clientes.json vendored Normal file
View File

@ -0,0 +1,485 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "estado-actual-de-los-clientes",
"url": "/d/eeaki78ey6fwgf/estado-actual-de-los-clientes",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-01-20T14:28:07Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 10,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2,
"links": [],
"panels": [
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"mappings": []
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 24,
"x": 0,
"y": 0
},
"id": 3,
"maxPerRow": 8,
"options": {
"displayLabels": [],
"legend": {
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"pieType": "pie",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "/^total$/",
"values": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "11.4.0",
"repeat": "organizational_unit",
"repeatDirection": "h",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "WITH RECURSIVE recursive_units AS (\n SELECT id, name FROM organizational_unit WHERE name IN (${organizational_unit:sqlstring})\n UNION ALL\n SELECT ou.id, ou.name\n FROM organizational_unit ou\n JOIN recursive_units ru ON ou.parent_id = ru.id\n)\n\nSELECT \n ru.name AS organizational_unit,\n client.status,\n COUNT(*) AS total\nFROM \n client\nJOIN \n organizational_unit ou ON client.organizational_unit_id = ou.id\nJOIN \n recursive_units ru ON ou.id = ru.id\nGROUP BY \n ru.name, client.status\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Estado de ordenadores: ${organizational_unit}",
"transformations": [
{
"id": "filterFieldsByName",
"options": {
"include": {
"names": [
"total",
"organizational_unit",
"status"
]
}
}
}
],
"type": "piechart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "status_og_live"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "red",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "status_off"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "super-light-blue",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "status_windows"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "light-purple",
"mode": "fixed"
}
}
]
}
]
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 8
},
"id": 2,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "normal",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xField": "organizational_unit",
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n organizational_unit.name AS organizational_unit,\n SUM(CASE WHEN client.status = 'off' THEN 1 ELSE 0 END) AS status_off,\n SUM(CASE WHEN client.status = 'windows' THEN 1 ELSE 0 END) AS status_windows,\n SUM(CASE WHEN client.status = 'linux' THEN 1 ELSE 0 END) AS status_linux,\n SUM(CASE WHEN client.status = 'og-live' THEN 1 ELSE 0 END) AS status_og_live\nFROM \n client\nJOIN \n organizational_unit ON client.organizational_unit_id = organizational_unit.id\nGROUP BY \n organizational_unit.name\nORDER BY \n organizational_unit.name;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Estado de equipos por unidad organizativa",
"type": "barchart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [
{
"options": {
"linux": {
"color": "purple",
"index": 1
},
"off": {
"color": "super-light-blue",
"index": 0
},
"og-live": {
"color": "yellow",
"index": 2
},
"windows": {
"color": "blue",
"index": 3
}
},
"type": "value"
}
],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 16
},
"id": 1,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"colorByField": "status",
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT status, COUNT(*) AS count\nFROM client\nGROUP BY status;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Panel Title",
"type": "barchart"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": [
{
"current": {
"text": [
"ARQ (Despacho)"
],
"value": [
"ARQ (Despacho)"
]
},
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"definition": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"description": "",
"includeAll": true,
"label": "Unidad Organizativa",
"multi": true,
"name": "organizational_unit",
"options": [],
"query": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"refresh": 1,
"regex": "",
"type": "query"
}
]
},
"timepicker": {},
"timezone": "browser",
"title": "Estado actual de los clientes",
"uid": "eeaki78ey6fwgf",
"version": 10,
"weekStart": ""
}
}

23937
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/Node_Exporter_Full.json vendored Normal file
View File

File diff suppressed because it is too large Load Diff

189
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/Peticiones_nginx.json vendored Normal file
View File

@ -0,0 +1,189 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "peticiones-nginx",
"url": "/d/aeho5mwznhzb4d/peticiones-nginx",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-04-02T05:59:24Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 3,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 4,
"links": [],
"panels": [
{
"datasource": {
"type": "grafana-opensearch-datasource",
"uid": "opensearch-ds"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"barWidthFactor": 0.6,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"insertNulls": false,
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "11.4.0",
"targets": [
{
"alias": "",
"bucketAggs": [
{
"field": "@timestamp",
"id": "2",
"settings": {
"interval": "auto"
},
"type": "date_histogram"
}
],
"datasource": {
"type": "grafana-opensearch-datasource",
"uid": "opensearch-ds"
},
"format": "table",
"luceneQueryType": "Metric",
"metrics": [
{
"id": "1",
"type": "count"
}
],
"query": "container.name: \"ogcore-nginx\"",
"queryType": "lucene",
"refId": "A",
"timeField": "@timestamp"
}
],
"title": "Numero de peticiones nginx",
"type": "timeseries"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": []
},
"timepicker": {},
"timezone": "browser",
"title": "Peticiones nginx",
"uid": "aeho5mwznhzb4d",
"version": 3,
"weekStart": ""
}
}

470
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/Traceo_y_comandos.json vendored Normal file
View File

@ -0,0 +1,470 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "traceo-y-comandos",
"url": "/d/cehkmg691ogsge/traceo-y-comandos",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-04-01T06:13:37Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 13,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 3,
"links": [],
"panels": [
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"fixedColor": "red",
"mode": "fixed"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "in_progress"
},
"properties": [
{
"id": "color",
"value": {
"mode": "palette-classic"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "success"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "green",
"mode": "fixed"
}
}
]
}
]
},
"gridPos": {
"h": 7,
"w": 24,
"x": 0,
"y": 0
},
"id": 3,
"options": {
"barRadius": 0,
"barWidth": 0.94,
"colorByField": "status",
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"repeat": "organizational_unit",
"repeatDirection": "h",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n ou.name AS organizational_unit,\n SUM(CASE WHEN trace.status = 'failed' THEN 1 ELSE 0 END) AS failed,\n SUM(CASE WHEN trace.status = 'in-progress' THEN 1 ELSE 0 END) AS in_progress,\n SUM(CASE WHEN trace.status = 'success' THEN 1 ELSE 0 END) AS success\nFROM trace\nJOIN client ON trace.client_id = client.id\nJOIN organizational_unit ou ON client.organizational_unit_id = ou.id\nWHERE ou.name IN (${organizational_unit:sqlstring})\nGROUP BY ou.name\nORDER BY ou.name;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Estado de comandos: ${organizational_unit}",
"type": "barchart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 7
},
"id": 2,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n command,\n ROUND(AVG(TIMESTAMPDIFF(SECOND, executed_at, finished_at))) AS avg_seconds\nFROM trace\nWHERE finished_at IS NOT NULL\nGROUP BY command\nORDER BY avg_seconds DESC;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Tiempo de media en segundos de la duración de los comandos",
"type": "barchart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"fixedColor": "light-red",
"mode": "fixed"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 7
},
"id": 4,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n command,\n COUNT(*) AS total_failed\nFROM trace\nWHERE status = 'failed'\nGROUP BY command\nORDER BY total_failed DESC;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Número de errores por tipo de comando",
"type": "barchart"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": [
{
"current": {
"text": [
"PCs internos"
],
"value": [
"PCs internos"
]
},
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"definition": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"description": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"includeAll": true,
"label": "Unidad Organizativa",
"multi": true,
"name": "organizational_unit",
"options": [],
"query": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"refresh": 1,
"regex": "",
"type": "query"
}
]
},
"timepicker": {},
"timezone": "browser",
"title": "Traceo y comandos",
"uid": "cehkmg691ogsge",
"version": 13,
"weekStart": ""
}
}

248
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/Uso_de_IPs_de_subred.json vendored Normal file
View File

@ -0,0 +1,248 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "uso-de-ips-de-subred",
"url": "/d/eehoawvwyk6iof/uso-de-ips-de-subred",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-04-02T06:58:34Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 3,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 5,
"links": [],
"panels": [
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"decimals": 1,
"fieldMinMax": false,
"mappings": [],
"max": 100,
"min": 1,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "percent"
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "usage_percentage"
},
"properties": [
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": false
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "max_ips"
},
"properties": [
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": true
}
},
{
"id": "unit",
"value": "none"
}
]
},
{
"matcher": {
"id": "byName",
"options": "assigned_clients"
},
"properties": [
{
"id": "unit",
"value": "none"
},
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": true
}
}
]
}
]
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "multi",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT\n s.name AS metric, -- Esto Grafana lo usa como \"etiqueta\" por subred\n COUNT(c.id) AS assigned_clients,\n POW(2, 32 - BIT_COUNT(INET_ATON(s.netmask))) - 2 AS max_ips,\n ROUND(100 * COUNT(c.id) / (POW(2, 32 - BIT_COUNT(INET_ATON(s.netmask))) - 2), 2) AS usage_percentage\nFROM subnet s\nLEFT JOIN client c ON c.subnet_id = s.id\nGROUP BY s.id, s.name, s.netmask\nORDER BY usage_percentage DESC;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Panel Title",
"type": "barchart"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": []
},
"timepicker": {},
"timezone": "browser",
"title": "Uso de IPs de subred",
"uid": "eehoawvwyk6iof",
"version": 3,
"weekStart": ""
}
}

7
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/dashboards/null.json vendored Normal file
View File

@ -0,0 +1,7 @@
{
"extra": null,
"message": "Expired API key",
"messageId": "api-key.expired",
"statusCode": 401,
"traceID": ""
}

46
debian/oglog/opt/opengnsys/oglog/etc/grafana/resources/datasources/datasources.json vendored Normal file
View File

@ -0,0 +1,46 @@
[
{
"id": 2,
"uid": "dea978mh1bncwf",
"orgId": 1,
"name": "mysql",
"type": "mysql",
"typeName": "MySQL",
"typeLogoUrl": "public/app/plugins/datasource/mysql/img/mysql_logo.svg",
"access": "proxy",
"url": "__OGCORE_IP__:3306",
"user": "root",
"secureJsonData": {
"password": "root"
},
"database": "ogcore",
"basicAuth": false,
"isDefault": false,
"jsonData": {
"connMaxLifetime": 14400,
"database": "ogcore",
"maxIdleConns": 100,
"maxIdleConnsAuto": true,
"maxOpenConns": 100,
"tlsSkipVerify": false
},
"readOnly": false
},
{
"id": 1,
"uid": "PBFA97CFB590B2093",
"orgId": 1,
"name": "Prometheus",
"type": "prometheus",
"typeName": "Prometheus",
"typeLogoUrl": "public/app/plugins/datasource/prometheus/img/prometheus_logo.svg",
"access": "proxy",
"url": "https://oglog-prom.${SUBDOMAIN}:9090",
"user": "",
"database": "",
"basicAuth": false,
"isDefault": true,
"jsonData": {},
"readOnly": true
}
]

25
debian/oglog/opt/opengnsys/oglog/etc/journalbeat/journalbeat.yml vendored Normal file
View File

@ -0,0 +1,25 @@
journalbeat.inputs:
- paths:
- "/var/log/journal"
- "/var/log/journal/remote"
seek: cursor
setup.template.settings:
index.number_of_shards: 1
output.elasticsearch:
hosts: ["https://${OGLOG_SERVER}:9200"]
username: "admin"
password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
pipeline: "master_pipeline"
protocol: "https"
ssl.enabled: true
ssl.verification_mode: none
ssl.certificate: "/etc/journalbeat/certs/server.crt"
ssl.key: "/etc/journalbeat/certs/server.key"
processors:
- add_docker_metadata: ~
seccomp.enabled: false

13
debian/oglog/opt/opengnsys/oglog/etc/opensearch-dashboards/opensearch_dashboards.yml vendored Normal file
View File

@ -0,0 +1,13 @@
server.host: 0.0.0.0
opensearch.hosts: ["https://${OGLOG_SERVER}:9200"]
opensearch.username: "admin"
opensearch.password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
server.ssl.enabled: true
server.ssl.certificate: /etc/opensearch-dashboards/certs/server.crt
server.ssl.key: /etc/opensearch-dashboards/certs/server.key
opensearch.ssl.certificate: /etc/opensearch-dashboards/certs/server.crt
opensearch.ssl.key: /etc/opensearch-dashboards/certs/server.key
opensearch.ssl.verificationMode: none
#opensearch.ssl.certificateAuthorities: ["/etc/opensearch-dashboards/certs/server.crt"]
opensearch.ssl.alwaysPresentCertificate: false

10
debian/oglog/opt/opengnsys/oglog/etc/opensearch-dashboards/saved_searches.ndjson vendored Normal file
View File

@ -0,0 +1,10 @@
{"attributes":{"columns":["agent.name","host.ip","host.mac","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"log.file.path\",\"params\":{\"query\":\"/var/log/opengnsys.log\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"log.file.path\":\"/var/log/opengnsys.log\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogagent","version":1},"id":"06a268e0-d3d0-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-16T06:08:03.537Z","version":"WzQ5LDJd"}
{"attributes":{"columns":["_source"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"log.file.path\",\"params\":{\"query\":\"/var/log/nginx/ogcore-access.log\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"log.file.path\":\"/var/log/nginx/ogcore-access.log\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"ogcore-nginx","version":1},"id":"0c6388d0-d3d1-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-16T06:13:48.124Z","version":"WzUzLDJd"}
{"attributes":{"columns":["agent.name","host.ip","host.mac","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30m\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"log.file.path\",\"params\":{\"query\":\"/var/log/opengnsys.log\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"log.file.path\":\"/var/log/opengnsys.log\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"agent.name\",\"params\":{\"query\":\"pc-modelo-ubuntu24-2\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"agent.name\":\"pc-modelo-ubuntu24-2\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogagent - agent name","version":1},"id":"353bcbf0-d7d2-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-21T08:32:10.797Z","version":"WzU1LDJd"}
{"attributes":{"columns":["_source"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Kea Dhcp","version":1},"id":"39976990-d3cf-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-16T06:00:44.967Z","version":"WzQzLDJd"}
{"attributes":{"columns":["parsed_message.severity","parsed_message.operation","parsed_message.http_code","parsed_message.desc","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"syslog.identifier\",\"params\":{\"query\":\"ogdhcp\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"ogdhcp\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogdhcp","version":1},"id":"8542fc60-d249-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-14T07:33:35.272Z","version":"WzQyLDJd"}
{"attributes":{"columns":["parsed_message.severity","parsed_message.method","parsed_message.request_uri","parsed_message.operation","parsed_message.http_code","parsed_message.desc","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"syslog.identifier\",\"negate\":false,\"params\":{\"query\":\"ogboot\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"ogboot\"}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogboot","version":1},"id":"8b2a50b0-d244-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-14T07:00:24.803Z","version":"WzM1LDJd"}
{"attributes":{"columns":["parsed_json.severity","parsed_json.component","parsed_json.operation","parsed_json.desc"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"syslog.identifier\",\"params\":{\"query\":\"ogcore\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"ogcore\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"ogcore-php","version":1},"id":"abe87370-d188-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-13T08:30:40.160Z","version":"WzksMl0="}
{"exportedCount":7,"missingRefCount":0,"missingReferences":[]}

35
debian/oglog/opt/opengnsys/oglog/etc/opensearch/opensearch.yml vendored Normal file
View File

@ -0,0 +1,35 @@
# WARNING: revise all the lines below before you go into production
network.host: 0.0.0.0
plugins.security.ssl.transport.pemcert_filepath: /etc/opensearch/certs/server.crt
plugins.security.ssl.transport.pemkey_filepath: /etc/opensearch/certs/server.key
plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/opensearch/certs/server.crt
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: /etc/opensearch/certs/server.crt
plugins.security.ssl.http.pemkey_filepath: /etc/opensearch/certs/server.key
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/opensearch/certs/server.crt
plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.ssl.http.clientauth_mode: OPTIONAL
plugins.security.ssl_cert_reload_enabled: true
plugins.security.authcz.admin_dn: ['CN=oglog.local']
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: [all_access, security_rest_api_access]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [.plugins-ml-agent, .plugins-ml-config, .plugins-ml-connector,
.plugins-ml-controller, .plugins-ml-model-group, .plugins-ml-model, .plugins-ml-task,
.plugins-ml-conversation-meta, .plugins-ml-conversation-interactions, .plugins-ml-memory-meta,
.plugins-ml-memory-message, .plugins-ml-stop-words, .opendistro-alerting-config,
.opendistro-alerting-alert*, .opendistro-anomaly-results*, .opendistro-anomaly-detector*,
.opendistro-anomaly-checkpoints, .opendistro-anomaly-detection-state, .opendistro-reports-*,
.opensearch-notifications-*, .opensearch-notebooks, .opensearch-observability, .ql-datasources,
.opendistro-asynchronous-search-response*, .replication-metadata-store, .opensearch-knn-models,
.geospatial-ip2geo-data*, .plugins-flow-framework-config, .plugins-flow-framework-templates,
.plugins-flow-framework-state]
node.max_local_storage_nodes: 3
discovery.type: single-node
compatibility.override_main_response_version: true

605
debian/oglog/opt/opengnsys/oglog/etc/opensearch/pipelines.json vendored Normal file
View File

@ -0,0 +1,605 @@
{
"filter_ogdhcp_pipeline" : {
"description" : "Parse logs to extract http_code and desc, while preserving original message",
"processors" : [
{
"script" : {
"if" : "ctx.syslog?.identifier != 'ogdhcp'",
"source" : "\n ctx.debug = 'Skipped: identifier is ' + (ctx.syslog?.identifier ?: 'undefined');\n ctx.pipeline_stop = true; // Stops further processing but retains the document\n "
}
},
{
"set" : {
"field" : "debug",
"value" : "Processed: identifier is ogdhcp"
}
},
{
"script" : {
"source" : "\n ctx.processed_message = ctx.message;\n "
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^app\\.[A-Z]+: ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^request\\.INFO: Matched route \".*?\"\\. ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"json" : {
"field" : "processed_message",
"target_field" : "parsed_message",
"ignore_failure" : true
}
},
{
"set" : {
"field" : "route",
"value" : "{{parsed_message.route}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route != null"
}
},
{
"set" : {
"field" : "route_parameters",
"value" : "{{parsed_message.route_parameters}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route_parameters != null"
}
},
{
"set" : {
"field" : "request_uri",
"value" : "{{parsed_message.request_uri}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.request_uri != null"
}
},
{
"set" : {
"field" : "method",
"value" : "{{parsed_message.method}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.method != null"
}
},
{
"set" : {
"field" : "http_code",
"value" : "{{parsed_message.http_code}}",
"ignore_empty_value" : true
}
},
{
"set" : {
"field" : "description",
"value" : "{{parsed_message.desc}}",
"ignore_empty_value" : true
}
}
]
},
"master_pipeline" : {
"description" : "Master pipeline to route logs based on syslog.identifier",
"processors" : [
{
"pipeline" : {
"name" : "filter_tftp_pipeline",
"if" : "ctx.syslog?.identifier == 'in.tftpd'"
}
},
{
"pipeline" : {
"name" : "filter_ogboot_pipeline",
"if" : "ctx.syslog?.identifier == 'ogboot'"
}
},
{
"pipeline" : {
"name" : "filter_ogdhcp_pipeline",
"if" : "ctx.syslog?.identifier == 'ogdhcp'"
}
},
{
"pipeline" : {
"name" : "kea_dhcp_pipeline",
"if" : "ctx.syslog?.identifier == 'kea-dhcp4'"
}
},
{
"pipeline" : {
"name" : "ogrepo_pipeline",
"if" : "ctx.syslog?.identifier == 'ogrepo-api'"
}
},
{
"pipeline" : {
"name" : "docker_logs_pipeline",
"if" : "ctx.syslog?.identifier == 'docker'"
}
},
{
"json": {
"field": "message",
"target_field": "parsed_message",
"ignore_failure": true,
"if": "ctx.syslog?.identifier == 'ogcore'"
}
},
{
"set" : {
"field" : "debug",
"value" : "No matching pipeline, skipping further processing.",
"if" : "ctx.syslog?.identifier != 'in.tftpd' && ctx.syslog?.identifier != 'ogboot' && ctx.syslog?.identifier != 'kea-dhcp4' && ctx.syslog?.identifier != 'ogrepo-api' && ctx.syslog?.identifier != 'docker'"
}
}
]
},
"json_parse_pipeline" : {
"description" : "Parse JSON payload from logs",
"processors" : [
{
"json" : {
"field" : "message",
"target_field" : "parsed_json",
"ignore_failure" : true
}
}
]
},
"docker_logs_pipeline" : {
"description" : "Parse Docker logs and route based on container name",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{DATA:container.name}\\s*\\|%{GREEDYDATA:log_details}"
],
"ignore_failure" : true
}
},
{
"pipeline" : {
"name" : "parse_nginx_logs",
"if" : "ctx.container?.name == 'ogcore-nginx'",
"ignore_failure" : true
}
},
{
"json" : {
"field" : "log_details",
"target_field" : "parsed_json",
"ignore_failure" : true
}
}
]
},
"json_parse_with_replacement_debug" : {
"description" : "Debug replacement of single quotes with double quotes and parse JSON",
"processors" : [
{
"script" : {
"source" : "\n ctx.message = ctx.message.replace(\"'\", \"\\\"\");\n "
}
},
{
"set" : {
"field" : "debug_message",
"value" : "{{ message }}"
}
},
{
"json" : {
"field" : "message",
"target_field" : "parsed_json",
"ignore_failure" : true
}
}
]
},
"ogrepo_parse_pipeline" : {
"description" : "Parse ogRepo logs for detailed JSON information",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} %{DATA:hostname} %{DATA:service}\\[%{NUMBER:pid}\\]: %{GREEDYDATA:json_payload}"
],
"ignore_failure" : true
}
},
{
"json" : {
"field" : "json_payload",
"target_field" : "parsed_json",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.component",
"target_field" : "component",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.severity",
"target_field" : "severity",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.http_code",
"target_field" : "http_code",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.operation",
"target_field" : "operation",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.desc",
"target_field" : "description",
"ignore_failure" : true
}
}
]
},
"kea_dhcp_pipeline" : {
"description" : "Parse logs from kea-dhcp4 to extract key fields",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \\[%{DATA:service}/%{NUMBER:pid}\\.%{DATA:thread_id}\\] %{DATA:event_type} \\[hwtype=%{NUMBER:hw_type} %{MAC:mac_address}\\](?:, cid=\\[%{DATA:cid}\\])?, tid=%{DATA:transaction_id}: (?:lease %{IP:ip_address} %{GREEDYDATA:event_details})?"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "kea-dhcp4",
"ignore_failure" : true
}
}
]
},
"kea_dhcp_filebeat_pipeline" : {
"description" : "Parse Kea DHCP logs from Filebeat",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \\[%{DATA:service}/%{NUMBER:pid}\\.%{DATA:thread_id}\\] %{DATA:event_type} \\[hwtype=%{NUMBER:hw_type} %{MAC:mac_address}\\](?:, cid=\\[%{DATA:cid}\\])?, tid=%{DATA:transaction_id}: (?:lease %{IP:ip_address} %{GREEDYDATA:event_details})?"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "kea-dhcp4",
"ignore_failure" : true
}
},
{
"date" : {
"field" : "timestamp",
"formats" : [
"yyyy-MM-dd HH:mm:ss.SSS"
],
"target_field" : "@timestamp",
"ignore_failure" : true
}
}
]
},
"filter_ogboot_pipeline" : {
"description" : "Parse logs to extract http_code and desc, while preserving original message",
"processors" : [
{
"script" : {
"if" : "ctx.syslog?.identifier != 'ogboot'",
"source" : "\n ctx.debug = 'Skipped: identifier is ' + (ctx.syslog?.identifier ?: 'undefined');\n ctx.pipeline_stop = true; // Stops further processing but retains the document\n "
}
},
{
"set" : {
"field" : "debug",
"value" : "Processed: identifier is ogboot"
}
},
{
"script" : {
"source" : "\n ctx.processed_message = ctx.message;\n "
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^app\\.[A-Z]+: ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^request\\.INFO: Matched route \".*?\"\\. ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"json" : {
"field" : "processed_message",
"target_field" : "parsed_message",
"ignore_failure" : true
}
},
{
"set" : {
"field" : "route",
"value" : "{{parsed_message.route}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route != null"
}
},
{
"set" : {
"field" : "route_parameters",
"value" : "{{parsed_message.route_parameters}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route_parameters != null"
}
},
{
"set" : {
"field" : "request_uri",
"value" : "{{parsed_message.request_uri}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.request_uri != null"
}
},
{
"set" : {
"field" : "method",
"value" : "{{parsed_message.method}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.method != null"
}
},
{
"set" : {
"field" : "http_code",
"value" : "{{parsed_message.http_code}}",
"ignore_empty_value" : true
}
},
{
"set" : {
"field" : "description",
"value" : "{{parsed_message.desc}}",
"ignore_empty_value" : true
}
}
]
},
"ogrepo_pipeline" : {
"description" : "Pipeline to parse ogRepo logs",
"processors" : [
{
"set" : {
"field" : "debug_message",
"value" : "{{message}}"
}
},
{
"script" : {
"source" : "\n if (ctx.message != null) {\n ctx.message = ctx.message.replace(\"'\", \"\\\"\")\n }\n "
}
},
{
"json" : {
"field" : "message",
"target_field" : "parsed_json",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message",
"ignore_failure" : true
}
}
]
},
"parse_nginx_logs" : {
"description" : "Parse logs from Nginx in the 'main' log format with debug information",
"processors" : [
{
"set" : {
"field" : "debug",
"value" : "Entered parse_nginx_logs pipeline",
"ignore_failure" : true
}
},
{
"gsub" : {
"field" : "log_details",
"pattern" : "^\\s+",
"replacement" : "",
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "log_details",
"patterns" : [
"%{IP:client_ip} %{GREEDYDATA:rest}"
],
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "rest",
"patterns" : [
"- %{DATA:remote_user} \\[%{HTTPDATE:timestamp}\\] %{GREEDYDATA:rest_after_timestamp}"
],
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "rest_after_timestamp",
"patterns" : [
"\"%{WORD:method} %{DATA:request_path} HTTP/%{NUMBER:http_version}\" %{NUMBER:status} %{NUMBER:body_bytes} %{GREEDYDATA:rest_referer}"
],
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "rest_referer",
"patterns" : [
"\"%{DATA:referer}\" \"%{GREEDYDATA:nginx_user_agent}\""
],
"ignore_failure" : true
}
},
{
"date" : {
"field" : "timestamp",
"formats" : [
"dd/MMM/yyyy:HH:mm:ss Z"
],
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : [
"rest"
],
"ignore_missing" : true
}
}
]
},
"kea_dhcp_parse_pipeline" : {
"description" : "Parse Kea DHCP logs for detailed information",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} +%{LOGLEVEL:log_level} \\[%{DATA:source}/%{NUMBER:pid}.%{NUMBER:thread_id}\\] %{WORD:message_id} \\[%{DATA:hwtype}\\], cid=%{DATA:cid}, tid=%{DATA:tid}: lease %{IP:lease} has been allocated for %{NUMBER:lease_duration} seconds"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "kea-dhcp4",
"ignore_failure" : true
}
}
]
},
"json_parse_with_replacement" : {
"description" : "Replace single quotes with double quotes and parse JSON",
"processors" : [
{
"script" : {
"source" : "\n ctx.message = ctx.message.replace(\"'\", \"\\\"\");\n "
}
},
{
"json" : {
"field" : "message",
"target_field" : "parsed_json"
}
}
]
},
"tftp_parse_pipeline" : {
"description" : "Parse logs from in.tftpd to extract filename and client IP",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"RRQ from %{HOSTNAME:client_ip} filename %{GREEDYDATA:filename}"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "tftpd",
"ignore_failure" : true
}
}
]
},
"filter_tftp_pipeline" : {
"description" : "Parse logs from in.tftpd to extract filename and client IP",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"RRQ from %{HOSTNAME:client_ip} filename %{GREEDYDATA:filename}"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service_name",
"value" : "tftpd",
"ignore_failure" : true
}
}
]
},
"copy-message-pipeline" : {
"description" : "Pipeline que copia el campo message a message_raw",
"processors" : [
{
"set" : {
"field" : "message_raw",
"value" : "{{message}}"
}
}
]
}
}

13
debian/oglog/opt/opengnsys/oglog/etc/prometheus/prometheus.yml vendored Normal file
View File

@ -0,0 +1,13 @@
global:
scrape_interval: 15s
evaluation_interval: 15s
scrape_configs:
- job_name: ogserver
static_configs:
- targets: ['ogserver.${SUBDOMAIN}:9100']
- job_name: ogagent
static_configs:
- targets: ['ogagent.${SUBDOMAIN}:9100']

4
debian/oglog/opt/opengnsys/oglog/etc/prometheus/web-config.yml vendored Normal file
View File

@ -0,0 +1,4 @@
tls_server_config:
cert_file: /etc/prometheus/oglog-prom.${SUBDOMAIN}.crt.pem
key_file: /etc/prometheus/oglog-prom.${SUBDOMAIN}.key.pem

8
debian/oglog/usr/share/doc/oglog/README.Debian vendored Normal file
View File

@ -0,0 +1,8 @@
oglog for Debian
Please edit this to provide information specific to
this oglog Debian package.
(Automatically generated by debmake Version 4.4.0)
-- vagrant <> Mon, 07 Jul 2025 11:17:41 +0000

BIN
debian/oglog/usr/share/doc/oglog/changelog.Debian.gz vendored Normal file
View File

Binary file not shown.

51
debian/oglog/usr/share/doc/oglog/copyright vendored Normal file
View File

@ -0,0 +1,51 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: oglog
Upstream-Contact: <preferred name and address to reach the upstream project>
Source: <url://example.com>
#
# Please double check copyright with the licensecheck(1) command.
Files: .env
README.md
etc/filebeat/filebeat.yml
etc/grafana/grafana.ini
etc/grafana/provisioning/alerting/alerts.yaml
etc/grafana/provisioning/alerting/contactpoint.yaml
etc/grafana/provisioning/dashboards/dashboard.yaml
etc/grafana/provisioning/datasources/opensearch.yaml
etc/grafana/provisioning/datasources/prometheus.yaml
etc/grafana/resources/alerts/alert-rules.json
etc/grafana/resources/dashboards/.json
etc/grafana/resources/dashboards/Estado_actual_de_los_clientes.json
etc/grafana/resources/dashboards/Node_Exporter_Full.json
etc/grafana/resources/dashboards/Peticiones_nginx.json
etc/grafana/resources/dashboards/Traceo_y_comandos.json
etc/grafana/resources/dashboards/Uso_de_IPs_de_subred.json
etc/grafana/resources/dashboards/null.json
etc/grafana/resources/datasources/datasources.json
etc/journalbeat/journalbeat.yml
etc/opensearch-dashboards/opensearch_dashboards.yml
etc/opensearch-dashboards/saved_searches.ndjson
etc/opensearch/opensearch.yml
etc/opensearch/pipelines.json
etc/prometheus/prometheus.yml
etc/prometheus/web-config.yml
poc/Vagrantfile
poc/mkcerts.sh
script/Documentación script OgLog.md
script/agent.sh
script/export_grafana.sh
script/import_grafana.sh
script/journal-upload.sh
script/mkcerts.sh
script/oglog_installer.sh
script/pipeline-bulk.sh
script/pipeline-individual.sh
script/pipeline.sh
script/setup_grafana_token.sh
Copyright: __NO_COPYRIGHT_NOR_LICENSE__
License: __NO_COPYRIGHT_NOR_LICENSE__
#----------------------------------------------------------------------------
# Files marked as NO_LICENSE_TEXT_FOUND may be covered by the following
# license/copyright files.

1
debian/patches/series vendored Normal file
View File

@ -0,0 +1 @@
# You must remove unused comment lines for the released package.

9
debian/rules vendored Executable file
View File

@ -0,0 +1,9 @@
#!/usr/bin/make -f
# You must remove unused comment lines for the released package.
#export DH_VERBOSE = 1
#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic
#export DEB_LDFLAGS_MAINT_APPEND = -Wl,-O1
%:
dh $@

10
debian/salsa-ci.yml vendored Normal file
View File

@ -0,0 +1,10 @@
# For more information on what jobs are run see:
# https://salsa.debian.org/salsa-ci-team/pipeline
#
# To enable the jobs, go to your repository (at salsa.debian.org)
# and click over Settings > CI/CD > Expand (in General pipelines).
# In "CI/CD configuration file" write debian/salsa-ci.yml and click
# in "Save Changes". The CI tests will run after the next commit.
---
include:
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml

1
debian/source/format vendored Normal file
View File

@ -0,0 +1 @@
3.0 (quilt)

4
debian/source/local-options vendored Normal file
View File

@ -0,0 +1,4 @@
#
# ### gbp-buildpackage(1) user may like this. ###
#abort-on-upstream-changes
#unapply-patches

4
debian/source/options vendored Normal file
View File

@ -0,0 +1,4 @@
#
# ### dgit-maint-merge(7) workflow user need this ###
# single-debian-patch
# auto-commit

22
debian/source/patch-header vendored Normal file
View File

@ -0,0 +1,22 @@
The automatically generated patch puts this free form text on top of it.
If you are using gbp-buildpackage(1), you probably don't need this file.
If you are using dgit-maint-merge(7), please consider text as follows.
The Debian packaging of foo is maintained in git, using the merging workflow
described in dgit-maint-merge(7). There isn't a patch queue that can be
represented as a quilt series.
A detailed breakdown of the changes is available from their canonical
representation - git commits in the packaging repository. For example, to see
the changes made by the Debian maintainer in the first upload of upstream
version 1.2.3, you could use:
% git clone https://git.dgit.debian.org/foo
% cd foo
% git log --oneline 1.2.3..debian/1.2.3-1 -- . ':!debian'
(If you have dgit, use `dgit clone foo`, rather than plain `git clone`.)
A single combined diff, containing all the changes, follows.

9
debian/tests/control vendored Normal file
View File

@ -0,0 +1,9 @@
#
# DEP-8: autopkgtest - automatic as-installed package testing
# Please check * https://dep-team.pages.debian.net/deps/dep8/
# * /usr/share/doc/autopkgtest
#
# !!! Please make sure to edit this to a valid test, otherwise build will fails
#
#Tests: testcode.sh
#Restrictions: allow-stderr, breaks-testbed, needs-internet, needs-root

16
debian/upstream/metadata vendored Normal file
View File

@ -0,0 +1,16 @@
#
# DEP-12: Per-package machine-readable metadata about Upstream
# Please check * https://dep-team.pages.debian.net/deps/dep12/
# * https://wiki.debian.org/UpstreamMetadata
Reference:
Author: <please use full names and separate multiple author by the keyword "and">
Title:
Journal:
Year:
Volume:
Number:
Pages:
DOI:
PMID:
URL:
eprint:

2
debian/watch vendored Normal file
View File

@ -0,0 +1,2 @@
# You must remove unused comment lines for the released package.
version=3

23899
etc/grafana/dashboards/1860.json Normal file
View File

File diff suppressed because it is too large Load Diff

6
etc/grafana/grafana.ini
View File

@ -1,7 +1,9 @@
[server] [server]
protocol = https protocol = https
cert_file = /etc/grafana/oglog-graf.${SUBDOMAIN}.crt.pem cert_file = /opt/opengnsys/oglog/etc/certs/server.crt
cert_key = /etc/grafana/oglog-graf.${SUBDOMAIN}.key.pem cert_key = /opt/opengnsys/oglog/etc/certs/server.key
http_port = 3030
[analytics] [analytics]
reporting_enabled = false reporting_enabled = false

16
etc/grafana/provisioning/datasources/opensearch.yaml
View File

@ -5,23 +5,17 @@ datasources:
type: grafana-opensearch-datasource type: grafana-opensearch-datasource
uid: opensearch-ds uid: opensearch-ds
access: proxy access: proxy
url: https://oglog-os.${SUBDOMAIN}:9200 url: https://${OGLOG_SERVER}:9200
basicAuth: true basicAuth: true
basicAuthUser: admin basicAuthUser: admin
version: 2
secureJsonData: secureJsonData:
basicAuthPassword: ${OPENSEARCH_INITIAL_ADMIN_PASSWORD} basicAuthPassword: ${OPENSEARCH_INITIAL_ADMIN_PASSWORD}
tlsCACert: |
${TLS_CA_CERT}
tlsClientCert: |
${TLS_CLIENT_CERT}
tlsClientKey: |
${TLS_CLIENT_KEY}
jsonData: jsonData:
serverName: "oglog-os.${SUBDOMAIN}" version: 2.19.2
tlsAuth: true tlsSkipVerify: true
tlsAuthWithCACert: true serverName: "${OGLOG_SERVER}"
timeField: "@timestamp" timeField: "@timestamp"
database: "journalbeat-*" database: "journalbeat-*"
flavor: "OpenSearch" flavor: "OpenSearch"
version: 2
editable: true editable: true

2
etc/grafana/provisioning/datasources/prometheus.yaml
View File

@ -3,6 +3,6 @@ datasources:
- name: Prometheus - name: Prometheus
type: prometheus type: prometheus
access: proxy access: proxy
url: https://oglog-prom.${SUBDOMAIN}:9090 url: https://${OGLOG_SERVER}:9090
isDefault: true isDefault: true

8
etc/journalbeat/journalbeat.yml
View File

@ -8,15 +8,15 @@ setup.template.settings:
index.number_of_shards: 1 index.number_of_shards: 1
output.elasticsearch: output.elasticsearch:
hosts: ["https://oglog-os.${SUBDOMAIN}:9200"] hosts: ["https://${OGLOG_SERVER}:9200"]
username: "admin" username: "admin"
password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}" password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
pipeline: "master_pipeline" pipeline: "master_pipeline"
protocol: "https" protocol: "https"
ssl.enabled: true ssl.enabled: true
ssl.verification_mode: full ssl.verification_mode: none
ssl.certificate: "/etc/journalbeat/oglog-jb.${SUBDOMAIN}.crt.pem" ssl.certificate: "/etc/journalbeat/certs/server.crt"
ssl.key: "/etc/journalbeat/oglog-jb.${SUBDOMAIN}.key.pem" ssl.key: "/etc/journalbeat/certs/server.key"
processors: processors:
- add_docker_metadata: ~ - add_docker_metadata: ~

16
etc/opensearch-dashboards/opensearch_dashboards.yml
View File

@ -1,13 +1,13 @@
server.host: 0.0.0.0 server.host: 0.0.0.0
opensearch.hosts: ["https://oglog-os.${SUBDOMAIN}:9200"] opensearch.hosts: ["https://${OGLOG_SERVER}:9200"]
opensearch.username: "admin" opensearch.username: "admin"
opensearch.password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}" opensearch.password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
server.ssl.enabled: true server.ssl.enabled: true
server.ssl.certificate: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.crt.pem server.ssl.certificate: /etc/opensearch-dashboards/certs/server.crt
server.ssl.key: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.key.pem server.ssl.key: /etc/opensearch-dashboards/certs/server.key
opensearch.ssl.certificate: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.crt.pem opensearch.ssl.certificate: /etc/opensearch-dashboards/certs/server.crt
opensearch.ssl.key: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.key.pem opensearch.ssl.key: /etc/opensearch-dashboards/certs/server.key
opensearch.ssl.verificationMode: full opensearch.ssl.verificationMode: none
opensearch.ssl.certificateAuthorities: ["/etc/ssl/certs/ca.crt.pem"] #opensearch.ssl.certificateAuthorities: ["/etc/opensearch-dashboards/certs/server.crt"]
opensearch.ssl.alwaysPresentCertificate: true opensearch.ssl.alwaysPresentCertificate: false

21
etc/opensearch/opensearch.yml
View File

@ -1,16 +1,18 @@
# WARNING: revise all the lines below before you go into production # WARNING: revise all the lines below before you go into production
network.host: "${OGLOG_IP}" network.host: 0.0.0.0
plugins.security.ssl.transport.pemcert_filepath: esnode.pem plugins.security.ssl.transport.pemcert_filepath: /etc/opensearch/certs/server.crt
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem plugins.security.ssl.transport.pemkey_filepath: /etc/opensearch/certs/server.key
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/opensearch/certs/server.crt
plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: oglog-os.${SUBDOMAIN}.crt.pem plugins.security.ssl.http.pemcert_filepath: /etc/opensearch/certs/server.crt
plugins.security.ssl.http.pemkey_filepath: oglog-os.${SUBDOMAIN}.key.pem plugins.security.ssl.http.pemkey_filepath: /etc/opensearch/certs/server.key
plugins.security.ssl.http.pemtrustedcas_filepath: ca.crt.pem plugins.security.ssl.http.pemtrustedcas_filepath: /etc/opensearch/certs/server.crt
plugins.security.allow_unsafe_democertificates: true plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn: ['CN=kirk,OU=client,O=client,L=test,C=de'] plugins.security.ssl.http.clientauth_mode: OPTIONAL
plugins.security.ssl_cert_reload_enabled: true
plugins.security.authcz.admin_dn: ['CN=oglog.local']
plugins.security.audit.type: internal_opensearch plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true plugins.security.check_snapshot_restore_write_privileges: true
@ -29,6 +31,5 @@ plugins.security.system_indices.indices: [.plugins-ml-agent, .plugins-ml-config,
node.max_local_storage_nodes: 3 node.max_local_storage_nodes: 3
discovery.type: single-node discovery.type: single-node
compatibility.override_main_response_version: true compatibility.override_main_response_version: true
plugins.security.ssl.http.clientauth_mode: REQUIRE
plugins.security.ssl_cert_reload_enabled: true