opengnsys
/
oglog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: opengnsys:main
Branches Tags
opengnsys:oglog-script
opengnsys:main
opengnsys:poc
...
pull from: opengnsys:oglog-script
Branches Tags
opengnsys:oglog-script
opengnsys:main
opengnsys:poc

22 Commits
main ... oglog-scri

Author SHA1 Message Date
Luis Gerardo Romero Garcia 56c9edca19 refs #1666 secured password in datasource mysql 2025-04-28 08:01:58 +02:00
Luis Gerardo Romero Garcia 7b03d3024c refs #1666 provisional certs in NFS server 2025-04-28 07:08:33 +02:00
Luis Gerardo Romero Garcia c2b0dd2787 refs #1666 fix password variable 2025-04-28 06:59:55 +02:00
Luis Gerardo Romero Garcia d3002f1ba5 refs #1666 add missing master pipeline to journalbeat and changes mysql port in datasource 2025-04-28 06:57:08 +02:00
Luis Gerardo Romero Garcia a06396fb2f refs #1929 add subdomain variable to hosts 2025-04-27 21:50:04 +02:00
Luis Gerardo Romero Garcia b7c6d6e7fc refs #1929 add missing export to conffigure opensearch yaml 2025-04-27 21:48:53 +02:00
Luis Gerardo Romero Garcia 8e699661fa refs #1666 fix opensearch datarsource import in grafana 2025-04-27 18:25:44 +02:00
Luis Gerardo Romero Garcia 8ed0c65544 refs #1806 changes script import/export to accept entry parameters, adds openserach.yaml to import openserach datasources 2025-04-25 12:47:27 +02:00
Luis Gerardo Romero Garcia 8683ab471a refs #1929 changes all certs to dynamic subdomain in oglog and ogcore 2025-04-22 15:24:08 +02:00
root b957867d41 refs #1806 Removes id when import grafana dashboard. Use absolute route in opensearch yml. Add opensearch pipeline to import. Adds saved searches and import in opensearch 2025-04-16 07:56:30 +00:00
root e7fa49ffd1 refs #1806 add new directory resources to save all grafana configuration exported. Adds new scripts export/import grafana configurations and setup grafana token. Updates oglog script installation to import saved dashboards in repo 2025-04-15 06:45:33 +00:00
Luis Gerardo Romero Garcia 7a295580eb refs #1718 add all other componentes in installer 2025-03-28 08:32:38 +01:00
Luis Gerardo Romero Garcia 0770cb1265 refs # refactor installer, adds etc where is configuration templates 2025-03-28 08:30:56 +01:00
root 40c0b91644 refs #1299 2025-01-14 09:53:48 +00:00
Dawrys Pilar dc8a832087 refs #1125 #1300 2024-12-18 15:06:27 +00:00
Dawrys Pilar 06bcefbc28 Se borra carpeta CA 2024-12-17 11:24:44 +00:00
Dawrys Pilar 8b94d0fafb bug fix 2024-12-12 07:36:06 +00:00
Dawrys Pilar 206de8755a bug fix 2024-12-11 14:27:17 +00:00
Dawrys Pilar 52262b8305 bug fix 2024-12-11 14:21:58 +00:00
Dawrys Pilar aec0aa7bf6 Cambios journalbeat 2024-12-10 13:06:01 +01:00
Dawrys Pilar eee03c37ee Cambios script.sh y journal-upload.sh 2024-12-10 12:29:32 +01:00
Dawrys Pilar dae74aa2f6 Creacion carpeta script 2024-12-03 10:17:18 +01:00
33 changed files with 27383 additions and 0 deletions
Show Stats Expand all files Collapse all files

4
.env 100644
View File

@ -0,0 +1,4 @@
OGLOG_IP=192.168.2.4
OGCORE_IP=192.168.2.1
OPENSEARCH_INITIAL_ADMIN_PASSWORD=CorrectHorse_BatteryStaple1
SUBDOMAIN=opengnsys

29
etc/filebeat/filebeat.yml 100644
View File

@ -0,0 +1,29 @@
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/opengnsys.log
- /home/*/opengnsys.log
setup.template.settings:
index.number_of_shards: 1
output.elasticsearch:
hosts: ["https://oglog-os.${SUBDOMAIN}:9200"]
username: "admin"
password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
protocol: "https"
ssl.enabled: true
ssl.verification_mode: full
ssl.certificate: "/etc/filebeat/ogagent-fb.${SUBDOMAIN}.crt.pem"
ssl.key: "/etc/filebeat/ogagent-fb.${SUBDOMAIN}.key.pem"
processors:
- add_host_metadata:
when.not.contains.tags: forwarded
- add_cloud_metadata: ~
- add_docker_metadata: ~
- add_kubernetes_metadata: ~
seccomp.enabled: false

17
etc/grafana/grafana.ini 100644
View File

@ -0,0 +1,17 @@
[server]
protocol = https
cert_file = /etc/grafana/oglog-graf.${SUBDOMAIN}.crt.pem
cert_key = /etc/grafana/oglog-graf.${SUBDOMAIN}.key.pem
[analytics]
reporting_enabled = false
check_for_updates = false
check_for_plugin_updates = false
[database]
type = sqlite3
path = /var/lib/grafana/grafana.db
[auth]
disable_login_form = false

8
etc/grafana/provisioning/dashboards/dashboard.yaml 100644
View File

@ -0,0 +1,8 @@
apiVersion: 1
providers:
- name: 'default'
folder: ''
type: file
options:
path: /etc/grafana/dashboards

27
etc/grafana/provisioning/datasources/opensearch.yaml 100644
View File

@ -0,0 +1,27 @@
# Configuración de provisioning de datasource OpenSearch
apiVersion: 1
datasources:
- name: OpenSearch
type: grafana-opensearch-datasource
uid: opensearch-ds
access: proxy
url: https://oglog-os.${SUBDOMAIN}:9200
basicAuth: true
basicAuthUser: admin
secureJsonData:
basicAuthPassword: ${OPENSEARCH_INITIAL_ADMIN_PASSWORD}
tlsCACert: |
${TLS_CA_CERT}
tlsClientCert: |
${TLS_CLIENT_CERT}
tlsClientKey: |
${TLS_CLIENT_KEY}
jsonData:
serverName: "oglog-os.${SUBDOMAIN}"
tlsAuth: true
tlsAuthWithCACert: true
timeField: "@timestamp"
database: "journalbeat-*"
flavor: "OpenSearch"
version: 2
editable: true

8
etc/grafana/provisioning/datasources/prometheus.yaml 100644
View File

@ -0,0 +1,8 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
access: proxy
url: https://oglog-prom.${SUBDOMAIN}:9090
isDefault: true

148
etc/grafana/resources/alerts/alert-rules.json 100644
View File

@ -0,0 +1,148 @@
[
{
"id": 1,
"uid": "fehoe93yzz20wf",
"orgID": 1,
"folderUID": "eehoe7oh9bs3kd",
"ruleGroup": "grupo-cada-1m",
"title": "Subred alta ocupación",
"condition": "C",
"data": [
{
"refId": "A",
"queryType": "",
"relativeTimeRange": {
"from": 600,
"to": 0
},
"datasourceUid": "dea978mh1bncwf",
"model": {
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"hide": false,
"intervalMs": 1000,
"maxDataPoints": 43200,
"rawQuery": true,
"rawSql": "SELECT\n s.name AS metric,\n ROUND(100 * COUNT(c.id) / (POW(2, 32 - BIT_COUNT(INET_ATON(s.netmask))) - 2), 2) AS usage_percentage\nFROM subnet s\nLEFT JOIN client c ON c.subnet_id = s.id\nGROUP BY s.id, s.name, s.netmask\nHAVING usage_percentage >= 80;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
},
{
"refId": "B",
"queryType": "",
"relativeTimeRange": {
"from": 0,
"to": 0
},
"datasourceUid": "__expr__",
"model": {
"conditions": [
{
"evaluator": {
"params": [],
"type": "gt"
},
"operator": {
"type": "and"
},
"query": {
"params": [
"B"
]
},
"reducer": {
"params": [],
"type": "last"
},
"type": "query"
}
],
"datasource": {
"type": "__expr__",
"uid": "__expr__"
},
"expression": "A",
"intervalMs": 1000,
"maxDataPoints": 43200,
"reducer": "last",
"refId": "B",
"type": "reduce"
}
},
{
"refId": "C",
"queryType": "",
"relativeTimeRange": {
"from": 0,
"to": 0
},
"datasourceUid": "__expr__",
"model": {
"conditions": [
{
"evaluator": {
"params": [
80
],
"type": "gt"
},
"operator": {
"type": "and"
},
"query": {
"params": [
"C"
]
},
"reducer": {
"params": [],
"type": "last"
},
"type": "query"
}
],
"datasource": {
"type": "__expr__",
"uid": "__expr__"
},
"expression": "A",
"intervalMs": 1000,
"maxDataPoints": 43200,
"refId": "C",
"type": "threshold"
}
}
],
"updated": "2025-04-02T07:36:00Z",
"noDataState": "NoData",
"execErrState": "Error",
"for": "1m",
"isPaused": false,
"notification_settings": {
"receiver": "grafana-default-email"
},
"record": null
}
]

7
etc/grafana/resources/dashboards/.json 100644
View File

@ -0,0 +1,7 @@
{
"extra": null,
"message": "Expired API key",
"messageId": "api-key.expired",
"statusCode": 401,
"traceID": ""
}

485
etc/grafana/resources/dashboards/Estado_actual_de_los_clientes.json 100644
View File

@ -0,0 +1,485 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "estado-actual-de-los-clientes",
"url": "/d/eeaki78ey6fwgf/estado-actual-de-los-clientes",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-01-20T14:28:07Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 10,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 2,
"links": [],
"panels": [
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
}
},
"mappings": []
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 24,
"x": 0,
"y": 0
},
"id": 3,
"maxPerRow": 8,
"options": {
"displayLabels": [],
"legend": {
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"pieType": "pie",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "/^total$/",
"values": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "11.4.0",
"repeat": "organizational_unit",
"repeatDirection": "h",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "WITH RECURSIVE recursive_units AS (\n SELECT id, name FROM organizational_unit WHERE name IN (${organizational_unit:sqlstring})\n UNION ALL\n SELECT ou.id, ou.name\n FROM organizational_unit ou\n JOIN recursive_units ru ON ou.parent_id = ru.id\n)\n\nSELECT \n ru.name AS organizational_unit,\n client.status,\n COUNT(*) AS total\nFROM \n client\nJOIN \n organizational_unit ou ON client.organizational_unit_id = ou.id\nJOIN \n recursive_units ru ON ou.id = ru.id\nGROUP BY \n ru.name, client.status\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Estado de ordenadores: ${organizational_unit}",
"transformations": [
{
"id": "filterFieldsByName",
"options": {
"include": {
"names": [
"total",
"organizational_unit",
"status"
]
}
}
}
],
"type": "piechart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "status_og_live"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "red",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "status_off"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "super-light-blue",
"mode": "fixed"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "status_windows"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "light-purple",
"mode": "fixed"
}
}
]
}
]
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 8
},
"id": 2,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "normal",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xField": "organizational_unit",
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n organizational_unit.name AS organizational_unit,\n SUM(CASE WHEN client.status = 'off' THEN 1 ELSE 0 END) AS status_off,\n SUM(CASE WHEN client.status = 'windows' THEN 1 ELSE 0 END) AS status_windows,\n SUM(CASE WHEN client.status = 'linux' THEN 1 ELSE 0 END) AS status_linux,\n SUM(CASE WHEN client.status = 'og-live' THEN 1 ELSE 0 END) AS status_og_live\nFROM \n client\nJOIN \n organizational_unit ON client.organizational_unit_id = organizational_unit.id\nGROUP BY \n organizational_unit.name\nORDER BY \n organizational_unit.name;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Estado de equipos por unidad organizativa",
"type": "barchart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [
{
"options": {
"linux": {
"color": "purple",
"index": 1
},
"off": {
"color": "super-light-blue",
"index": 0
},
"og-live": {
"color": "yellow",
"index": 2
},
"windows": {
"color": "blue",
"index": 3
}
},
"type": "value"
}
],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 16
},
"id": 1,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"colorByField": "status",
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT status, COUNT(*) AS count\nFROM client\nGROUP BY status;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Panel Title",
"type": "barchart"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": [
{
"current": {
"text": [
"ARQ (Despacho)"
],
"value": [
"ARQ (Despacho)"
]
},
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"definition": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"description": "",
"includeAll": true,
"label": "Unidad Organizativa",
"multi": true,
"name": "organizational_unit",
"options": [],
"query": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"refresh": 1,
"regex": "",
"type": "query"
}
]
},
"timepicker": {},
"timezone": "browser",
"title": "Estado actual de los clientes",
"uid": "eeaki78ey6fwgf",
"version": 10,
"weekStart": ""
}
}

23937
etc/grafana/resources/dashboards/Node_Exporter_Full.json 100644
View File

File diff suppressed because it is too large Load Diff

189
etc/grafana/resources/dashboards/Peticiones_nginx.json 100644
View File

@ -0,0 +1,189 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "peticiones-nginx",
"url": "/d/aeho5mwznhzb4d/peticiones-nginx",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-04-02T05:59:24Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 3,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 4,
"links": [],
"panels": [
{
"datasource": {
"type": "grafana-opensearch-datasource",
"uid": "opensearch-ds"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"barWidthFactor": 0.6,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"insertNulls": false,
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"pluginVersion": "11.4.0",
"targets": [
{
"alias": "",
"bucketAggs": [
{
"field": "@timestamp",
"id": "2",
"settings": {
"interval": "auto"
},
"type": "date_histogram"
}
],
"datasource": {
"type": "grafana-opensearch-datasource",
"uid": "opensearch-ds"
},
"format": "table",
"luceneQueryType": "Metric",
"metrics": [
{
"id": "1",
"type": "count"
}
],
"query": "container.name: \"ogcore-nginx\"",
"queryType": "lucene",
"refId": "A",
"timeField": "@timestamp"
}
],
"title": "Numero de peticiones nginx",
"type": "timeseries"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": []
},
"timepicker": {},
"timezone": "browser",
"title": "Peticiones nginx",
"uid": "aeho5mwznhzb4d",
"version": 3,
"weekStart": ""
}
}

470
etc/grafana/resources/dashboards/Traceo_y_comandos.json 100644
View File

@ -0,0 +1,470 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "traceo-y-comandos",
"url": "/d/cehkmg691ogsge/traceo-y-comandos",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-04-01T06:13:37Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 13,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 3,
"links": [],
"panels": [
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"fixedColor": "red",
"mode": "fixed"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "in_progress"
},
"properties": [
{
"id": "color",
"value": {
"mode": "palette-classic"
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "success"
},
"properties": [
{
"id": "color",
"value": {
"fixedColor": "green",
"mode": "fixed"
}
}
]
}
]
},
"gridPos": {
"h": 7,
"w": 24,
"x": 0,
"y": 0
},
"id": 3,
"options": {
"barRadius": 0,
"barWidth": 0.94,
"colorByField": "status",
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"repeat": "organizational_unit",
"repeatDirection": "h",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n ou.name AS organizational_unit,\n SUM(CASE WHEN trace.status = 'failed' THEN 1 ELSE 0 END) AS failed,\n SUM(CASE WHEN trace.status = 'in-progress' THEN 1 ELSE 0 END) AS in_progress,\n SUM(CASE WHEN trace.status = 'success' THEN 1 ELSE 0 END) AS success\nFROM trace\nJOIN client ON trace.client_id = client.id\nJOIN organizational_unit ou ON client.organizational_unit_id = ou.id\nWHERE ou.name IN (${organizational_unit:sqlstring})\nGROUP BY ou.name\nORDER BY ou.name;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Estado de comandos: ${organizational_unit}",
"type": "barchart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 7
},
"id": 2,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n command,\n ROUND(AVG(TIMESTAMPDIFF(SECOND, executed_at, finished_at))) AS avg_seconds\nFROM trace\nWHERE finished_at IS NOT NULL\nGROUP BY command\nORDER BY avg_seconds DESC;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Tiempo de media en segundos de la duración de los comandos",
"type": "barchart"
},
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"fixedColor": "light-red",
"mode": "fixed"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"min": 0,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 7
},
"id": 4,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "single",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT \n command,\n COUNT(*) AS total_failed\nFROM trace\nWHERE status = 'failed'\nGROUP BY command\nORDER BY total_failed DESC;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Número de errores por tipo de comando",
"type": "barchart"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": [
{
"current": {
"text": [
"PCs internos"
],
"value": [
"PCs internos"
]
},
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"definition": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"description": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"includeAll": true,
"label": "Unidad Organizativa",
"multi": true,
"name": "organizational_unit",
"options": [],
"query": "SELECT DISTINCT name FROM organizational_unit ORDER BY name",
"refresh": 1,
"regex": "",
"type": "query"
}
]
},
"timepicker": {},
"timezone": "browser",
"title": "Traceo y comandos",
"uid": "cehkmg691ogsge",
"version": 13,
"weekStart": ""
}
}

248
etc/grafana/resources/dashboards/Uso_de_IPs_de_subred.json 100644
View File

@ -0,0 +1,248 @@
{
"meta": {
"type": "db",
"canSave": true,
"canEdit": true,
"canAdmin": true,
"canStar": true,
"canDelete": true,
"slug": "uso-de-ips-de-subred",
"url": "/d/eehoawvwyk6iof/uso-de-ips-de-subred",
"expires": "0001-01-01T00:00:00Z",
"created": "2025-04-02T06:58:34Z",
"updated": "2025-04-14T18:45:57Z",
"updatedBy": "Anonymous",
"createdBy": "admin",
"version": 3,
"hasAcl": false,
"isFolder": false,
"folderId": 0,
"folderUid": "",
"folderTitle": "General",
"folderUrl": "",
"provisioned": false,
"provisionedExternalId": "",
"annotationsPermissions": {
"dashboard": {
"canAdd": true,
"canEdit": true,
"canDelete": true
},
"organization": {
"canAdd": true,
"canEdit": true,
"canDelete": true
}
}
},
"dashboard": {
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "grafana",
"uid": "-- Grafana --"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 5,
"links": [],
"panels": [
{
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"custom": {
"axisBorderShow": false,
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"fillOpacity": 80,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineWidth": 1,
"scaleDistribution": {
"type": "linear"
},
"thresholdsStyle": {
"mode": "off"
}
},
"decimals": 1,
"fieldMinMax": false,
"mappings": [],
"max": 100,
"min": 1,
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "percent"
},
"overrides": [
{
"matcher": {
"id": "byName",
"options": "usage_percentage"
},
"properties": [
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": false
}
}
]
},
{
"matcher": {
"id": "byName",
"options": "max_ips"
},
"properties": [
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": true
}
},
{
"id": "unit",
"value": "none"
}
]
},
{
"matcher": {
"id": "byName",
"options": "assigned_clients"
},
"properties": [
{
"id": "unit",
"value": "none"
},
{
"id": "custom.hideFrom",
"value": {
"legend": false,
"tooltip": false,
"viz": true
}
}
]
}
]
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 0
},
"id": 1,
"options": {
"barRadius": 0,
"barWidth": 0.97,
"fullHighlight": false,
"groupWidth": 0.7,
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"orientation": "auto",
"showValue": "auto",
"stacking": "none",
"tooltip": {
"mode": "multi",
"sort": "none"
},
"xTickLabelRotation": 0,
"xTickLabelSpacing": 0
},
"pluginVersion": "11.4.0",
"targets": [
{
"dataset": "mysql",
"datasource": {
"type": "mysql",
"uid": "dea978mh1bncwf"
},
"editorMode": "code",
"format": "table",
"rawQuery": true,
"rawSql": "SELECT\n s.name AS metric, -- Esto Grafana lo usa como \"etiqueta\" por subred\n COUNT(c.id) AS assigned_clients,\n POW(2, 32 - BIT_COUNT(INET_ATON(s.netmask))) - 2 AS max_ips,\n ROUND(100 * COUNT(c.id) / (POW(2, 32 - BIT_COUNT(INET_ATON(s.netmask))) - 2), 2) AS usage_percentage\nFROM subnet s\nLEFT JOIN client c ON c.subnet_id = s.id\nGROUP BY s.id, s.name, s.netmask\nORDER BY usage_percentage DESC;\n",
"refId": "A",
"sql": {
"columns": [
{
"parameters": [],
"type": "function"
}
],
"groupBy": [
{
"property": {
"type": "string"
},
"type": "groupBy"
}
],
"limit": 50
}
}
],
"title": "Panel Title",
"type": "barchart"
}
],
"preload": false,
"schemaVersion": 40,
"tags": [],
"templating": {
"list": []
},
"timepicker": {},
"timezone": "browser",
"title": "Uso de IPs de subred",
"uid": "eehoawvwyk6iof",
"version": 3,
"weekStart": ""
}
}

7
etc/grafana/resources/dashboards/null.json 100644
View File

@ -0,0 +1,7 @@
{
"extra": null,
"message": "Expired API key",
"messageId": "api-key.expired",
"statusCode": 401,
"traceID": ""
}

46
etc/grafana/resources/datasources/datasources.json 100644
View File

@ -0,0 +1,46 @@
[
{
"id": 2,
"uid": "dea978mh1bncwf",
"orgId": 1,
"name": "mysql",
"type": "mysql",
"typeName": "MySQL",
"typeLogoUrl": "public/app/plugins/datasource/mysql/img/mysql_logo.svg",
"access": "proxy",
"url": "__OGCORE_IP__:3306",
"user": "root",
"secureJsonData": {
"password": "root"
},
"database": "ogcore",
"basicAuth": false,
"isDefault": false,
"jsonData": {
"connMaxLifetime": 14400,
"database": "ogcore",
"maxIdleConns": 100,
"maxIdleConnsAuto": true,
"maxOpenConns": 100,
"tlsSkipVerify": false
},
"readOnly": false
},
{
"id": 1,
"uid": "PBFA97CFB590B2093",
"orgId": 1,
"name": "Prometheus",
"type": "prometheus",
"typeName": "Prometheus",
"typeLogoUrl": "public/app/plugins/datasource/prometheus/img/prometheus_logo.svg",
"access": "proxy",
"url": "https://oglog-prom.${SUBDOMAIN}:9090",
"user": "",
"database": "",
"basicAuth": false,
"isDefault": true,
"jsonData": {},
"readOnly": true
}
]

25
etc/journalbeat/journalbeat.yml 100644
View File

@ -0,0 +1,25 @@
journalbeat.inputs:
- paths:
- "/var/log/journal"
- "/var/log/journal/remote"
seek: cursor
setup.template.settings:
index.number_of_shards: 1
output.elasticsearch:
hosts: ["https://oglog-os.${SUBDOMAIN}:9200"]
username: "admin"
password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
pipeline: "master_pipeline"
protocol: "https"
ssl.enabled: true
ssl.verification_mode: full
ssl.certificate: "/etc/journalbeat/oglog-jb.${SUBDOMAIN}.crt.pem"
ssl.key: "/etc/journalbeat/oglog-jb.${SUBDOMAIN}.key.pem"
processors:
- add_docker_metadata: ~
seccomp.enabled: false

13
etc/opensearch-dashboards/opensearch_dashboards.yml 100644
View File

@ -0,0 +1,13 @@
server.host: 0.0.0.0
opensearch.hosts: ["https://oglog-os.${SUBDOMAIN}:9200"]
opensearch.username: "admin"
opensearch.password: "${OPENSEARCH_INITIAL_ADMIN_PASSWORD}"
server.ssl.enabled: true
server.ssl.certificate: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.crt.pem
server.ssl.key: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.key.pem
opensearch.ssl.certificate: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.crt.pem
opensearch.ssl.key: /etc/opensearch-dashboards/oglog-osdb.${SUBDOMAIN}.key.pem
opensearch.ssl.verificationMode: full
opensearch.ssl.certificateAuthorities: ["/etc/ssl/certs/ca.crt.pem"]
opensearch.ssl.alwaysPresentCertificate: true

10
etc/opensearch-dashboards/saved_searches.ndjson 100644
View File

@ -0,0 +1,10 @@
{"attributes":{"columns":["agent.name","host.ip","host.mac","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"log.file.path\",\"params\":{\"query\":\"/var/log/opengnsys.log\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"log.file.path\":\"/var/log/opengnsys.log\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogagent","version":1},"id":"06a268e0-d3d0-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-16T06:08:03.537Z","version":"WzQ5LDJd"}
{"attributes":{"columns":["_source"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"syslog.identifier\",\"params\":{\"query\":\"docker\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"docker\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"container.name\",\"params\":{\"query\":\"ogcore-nginx\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"container.name\":\"ogcore-nginx\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"ogcore-nginx","version":1},"id":"0c6388d0-d3d1-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-16T06:13:48.124Z","version":"WzUzLDJd"}
{"attributes":{"columns":["agent.name","host.ip","host.mac","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30m\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"log.file.path\",\"params\":{\"query\":\"/var/log/opengnsys.log\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"log.file.path\":\"/var/log/opengnsys.log\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"agent.name\",\"params\":{\"query\":\"pc-modelo-ubuntu24-2\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"agent.name\":\"pc-modelo-ubuntu24-2\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogagent - agent name","version":1},"id":"353bcbf0-d7d2-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-21T08:32:10.797Z","version":"WzU1LDJd"}
{"attributes":{"columns":["_source"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Kea Dhcp","version":1},"id":"39976990-d3cf-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__filebeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-16T06:00:44.967Z","version":"WzQzLDJd"}
{"attributes":{"columns":["parsed_message.severity","parsed_message.operation","parsed_message.http_code","parsed_message.desc","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"syslog.identifier\",\"params\":{\"query\":\"ogdhcp\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"ogdhcp\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogdhcp","version":1},"id":"8542fc60-d249-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-14T07:33:35.272Z","version":"WzQyLDJd"}
{"attributes":{"columns":["parsed_message.severity","parsed_message.method","parsed_message.request_uri","parsed_message.operation","parsed_message.http_code","parsed_message.desc","message"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"key\":\"syslog.identifier\",\"negate\":false,\"params\":{\"query\":\"ogboot\"},\"type\":\"phrase\",\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"ogboot\"}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"Ogboot","version":1},"id":"8b2a50b0-d244-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-14T07:00:24.803Z","version":"WzM1LDJd"}
{"attributes":{"columns":["parsed_json.severity","parsed_json.component","parsed_json.operation","parsed_json.desc"],"description":"","hits":0,"kibanaSavedObjectMeta":{"searchSourceJSON":"{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"highlightAll\":true,\"version\":true,\"aggs\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"fixed_interval\":\"30s\",\"time_zone\":\"Europe/Madrid\",\"min_doc_count\":1}}},\"filter\":[{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"syslog.identifier\",\"params\":{\"query\":\"docker\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\"},\"query\":{\"match_phrase\":{\"syslog.identifier\":\"docker\"}},\"$state\":{\"store\":\"appState\"}},{\"meta\":{\"alias\":null,\"negate\":false,\"disabled\":false,\"type\":\"phrase\",\"key\":\"container.name\",\"params\":{\"query\":\"ogcore-php\"},\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\"},\"query\":{\"match_phrase\":{\"container.name\":\"ogcore-php\"}},\"$state\":{\"store\":\"appState\"}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}"},"sort":[],"title":"ogcore-php","version":1},"id":"abe87370-d188-11ef-9b0b-2d28387787cc","migrationVersion":{"search":"7.9.3"},"references":[{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index","type":"index-pattern"},{"id":"__journalbeat_index__","name":"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index","type":"index-pattern"}],"type":"search","updated_at":"2025-01-13T08:30:40.160Z","version":"WzksMl0="}
{"exportedCount":7,"missingRefCount":0,"missingReferences":[]}

34
etc/opensearch/opensearch.yml 100644
View File

@ -0,0 +1,34 @@
# WARNING: revise all the lines below before you go into production
network.host: "${OGLOG_IP}"
plugins.security.ssl.transport.pemcert_filepath: esnode.pem
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: oglog-os.${SUBDOMAIN}.crt.pem
plugins.security.ssl.http.pemkey_filepath: oglog-os.${SUBDOMAIN}.key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: ca.crt.pem
plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn: ['CN=kirk,OU=client,O=client,L=test,C=de']
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: [all_access, security_rest_api_access]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [.plugins-ml-agent, .plugins-ml-config, .plugins-ml-connector,
.plugins-ml-controller, .plugins-ml-model-group, .plugins-ml-model, .plugins-ml-task,
.plugins-ml-conversation-meta, .plugins-ml-conversation-interactions, .plugins-ml-memory-meta,
.plugins-ml-memory-message, .plugins-ml-stop-words, .opendistro-alerting-config,
.opendistro-alerting-alert*, .opendistro-anomaly-results*, .opendistro-anomaly-detector*,
.opendistro-anomaly-checkpoints, .opendistro-anomaly-detection-state, .opendistro-reports-*,
.opensearch-notifications-*, .opensearch-notebooks, .opensearch-observability, .ql-datasources,
.opendistro-asynchronous-search-response*, .replication-metadata-store, .opensearch-knn-models,
.geospatial-ip2geo-data*, .plugins-flow-framework-config, .plugins-flow-framework-templates,
.plugins-flow-framework-state]
node.max_local_storage_nodes: 3
discovery.type: single-node
compatibility.override_main_response_version: true
plugins.security.ssl.http.clientauth_mode: REQUIRE
plugins.security.ssl_cert_reload_enabled: true

605
etc/opensearch/pipelines.json 100644
View File

@ -0,0 +1,605 @@
{
"filter_ogdhcp_pipeline" : {
"description" : "Parse logs to extract http_code and desc, while preserving original message",
"processors" : [
{
"script" : {
"if" : "ctx.syslog?.identifier != 'ogdhcp'",
"source" : "\n ctx.debug = 'Skipped: identifier is ' + (ctx.syslog?.identifier ?: 'undefined');\n ctx.pipeline_stop = true; // Stops further processing but retains the document\n "
}
},
{
"set" : {
"field" : "debug",
"value" : "Processed: identifier is ogdhcp"
}
},
{
"script" : {
"source" : "\n ctx.processed_message = ctx.message;\n "
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^app\\.[A-Z]+: ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^request\\.INFO: Matched route \".*?\"\\. ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"json" : {
"field" : "processed_message",
"target_field" : "parsed_message",
"ignore_failure" : true
}
},
{
"set" : {
"field" : "route",
"value" : "{{parsed_message.route}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route != null"
}
},
{
"set" : {
"field" : "route_parameters",
"value" : "{{parsed_message.route_parameters}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route_parameters != null"
}
},
{
"set" : {
"field" : "request_uri",
"value" : "{{parsed_message.request_uri}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.request_uri != null"
}
},
{
"set" : {
"field" : "method",
"value" : "{{parsed_message.method}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.method != null"
}
},
{
"set" : {
"field" : "http_code",
"value" : "{{parsed_message.http_code}}",
"ignore_empty_value" : true
}
},
{
"set" : {
"field" : "description",
"value" : "{{parsed_message.desc}}",
"ignore_empty_value" : true
}
}
]
},
"master_pipeline" : {
"description" : "Master pipeline to route logs based on syslog.identifier",
"processors" : [
{
"pipeline" : {
"name" : "filter_tftp_pipeline",
"if" : "ctx.syslog?.identifier == 'in.tftpd'"
}
},
{
"pipeline" : {
"name" : "filter_ogboot_pipeline",
"if" : "ctx.syslog?.identifier == 'ogboot'"
}
},
{
"pipeline" : {
"name" : "filter_ogdhcp_pipeline",
"if" : "ctx.syslog?.identifier == 'ogdhcp'"
}
},
{
"pipeline" : {
"name" : "kea_dhcp_pipeline",
"if" : "ctx.syslog?.identifier == 'kea-dhcp4'"
}
},
{
"pipeline" : {
"name" : "ogrepo_pipeline",
"if" : "ctx.syslog?.identifier == 'ogrepo-api'"
}
},
{
"pipeline" : {
"name" : "docker_logs_pipeline",
"if" : "ctx.syslog?.identifier == 'docker'"
}
},
{
"json": {
"field": "message",
"target_field": "parsed_message",
"ignore_failure": true,
"if": "ctx.syslog?.identifier == 'ogcore'"
}
},
{
"set" : {
"field" : "debug",
"value" : "No matching pipeline, skipping further processing.",
"if" : "ctx.syslog?.identifier != 'in.tftpd' && ctx.syslog?.identifier != 'ogboot' && ctx.syslog?.identifier != 'kea-dhcp4' && ctx.syslog?.identifier != 'ogrepo-api' && ctx.syslog?.identifier != 'docker'"
}
}
]
},
"json_parse_pipeline" : {
"description" : "Parse JSON payload from logs",
"processors" : [
{
"json" : {
"field" : "message",
"target_field" : "parsed_json",
"ignore_failure" : true
}
}
]
},
"docker_logs_pipeline" : {
"description" : "Parse Docker logs and route based on container name",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{DATA:container.name}\\s*\\|%{GREEDYDATA:log_details}"
],
"ignore_failure" : true
}
},
{
"pipeline" : {
"name" : "parse_nginx_logs",
"if" : "ctx.container?.name == 'ogcore-nginx'",
"ignore_failure" : true
}
},
{
"json" : {
"field" : "log_details",
"target_field" : "parsed_json",
"ignore_failure" : true
}
}
]
},
"json_parse_with_replacement_debug" : {
"description" : "Debug replacement of single quotes with double quotes and parse JSON",
"processors" : [
{
"script" : {
"source" : "\n ctx.message = ctx.message.replace(\"'\", \"\\\"\");\n "
}
},
{
"set" : {
"field" : "debug_message",
"value" : "{{ message }}"
}
},
{
"json" : {
"field" : "message",
"target_field" : "parsed_json",
"ignore_failure" : true
}
}
]
},
"ogrepo_parse_pipeline" : {
"description" : "Parse ogRepo logs for detailed JSON information",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} %{DATA:hostname} %{DATA:service}\\[%{NUMBER:pid}\\]: %{GREEDYDATA:json_payload}"
],
"ignore_failure" : true
}
},
{
"json" : {
"field" : "json_payload",
"target_field" : "parsed_json",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.component",
"target_field" : "component",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.severity",
"target_field" : "severity",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.http_code",
"target_field" : "http_code",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.operation",
"target_field" : "operation",
"ignore_failure" : true
}
},
{
"rename" : {
"field" : "parsed_json.desc",
"target_field" : "description",
"ignore_failure" : true
}
}
]
},
"kea_dhcp_pipeline" : {
"description" : "Parse logs from kea-dhcp4 to extract key fields",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \\[%{DATA:service}/%{NUMBER:pid}\\.%{DATA:thread_id}\\] %{DATA:event_type} \\[hwtype=%{NUMBER:hw_type} %{MAC:mac_address}\\](?:, cid=\\[%{DATA:cid}\\])?, tid=%{DATA:transaction_id}: (?:lease %{IP:ip_address} %{GREEDYDATA:event_details})?"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "kea-dhcp4",
"ignore_failure" : true
}
}
]
},
"kea_dhcp_filebeat_pipeline" : {
"description" : "Parse Kea DHCP logs from Filebeat",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \\[%{DATA:service}/%{NUMBER:pid}\\.%{DATA:thread_id}\\] %{DATA:event_type} \\[hwtype=%{NUMBER:hw_type} %{MAC:mac_address}\\](?:, cid=\\[%{DATA:cid}\\])?, tid=%{DATA:transaction_id}: (?:lease %{IP:ip_address} %{GREEDYDATA:event_details})?"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "kea-dhcp4",
"ignore_failure" : true
}
},
{
"date" : {
"field" : "timestamp",
"formats" : [
"yyyy-MM-dd HH:mm:ss.SSS"
],
"target_field" : "@timestamp",
"ignore_failure" : true
}
}
]
},
"filter_ogboot_pipeline" : {
"description" : "Parse logs to extract http_code and desc, while preserving original message",
"processors" : [
{
"script" : {
"if" : "ctx.syslog?.identifier != 'ogboot'",
"source" : "\n ctx.debug = 'Skipped: identifier is ' + (ctx.syslog?.identifier ?: 'undefined');\n ctx.pipeline_stop = true; // Stops further processing but retains the document\n "
}
},
{
"set" : {
"field" : "debug",
"value" : "Processed: identifier is ogboot"
}
},
{
"script" : {
"source" : "\n ctx.processed_message = ctx.message;\n "
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^app\\.[A-Z]+: ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"gsub" : {
"field" : "processed_message",
"pattern" : "^request\\.INFO: Matched route \".*?\"\\. ",
"replacement" : "",
"ignore_failure" : true
}
},
{
"json" : {
"field" : "processed_message",
"target_field" : "parsed_message",
"ignore_failure" : true
}
},
{
"set" : {
"field" : "route",
"value" : "{{parsed_message.route}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route != null"
}
},
{
"set" : {
"field" : "route_parameters",
"value" : "{{parsed_message.route_parameters}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.route_parameters != null"
}
},
{
"set" : {
"field" : "request_uri",
"value" : "{{parsed_message.request_uri}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.request_uri != null"
}
},
{
"set" : {
"field" : "method",
"value" : "{{parsed_message.method}}",
"ignore_empty_value" : true,
"if" : "ctx.parsed_message?.method != null"
}
},
{
"set" : {
"field" : "http_code",
"value" : "{{parsed_message.http_code}}",
"ignore_empty_value" : true
}
},
{
"set" : {
"field" : "description",
"value" : "{{parsed_message.desc}}",
"ignore_empty_value" : true
}
}
]
},
"ogrepo_pipeline" : {
"description" : "Pipeline to parse ogRepo logs",
"processors" : [
{
"set" : {
"field" : "debug_message",
"value" : "{{message}}"
}
},
{
"script" : {
"source" : "\n if (ctx.message != null) {\n ctx.message = ctx.message.replace(\"'\", \"\\\"\")\n }\n "
}
},
{
"json" : {
"field" : "message",
"target_field" : "parsed_json",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : "message",
"ignore_failure" : true
}
}
]
},
"parse_nginx_logs" : {
"description" : "Parse logs from Nginx in the 'main' log format with debug information",
"processors" : [
{
"set" : {
"field" : "debug",
"value" : "Entered parse_nginx_logs pipeline",
"ignore_failure" : true
}
},
{
"gsub" : {
"field" : "log_details",
"pattern" : "^\\s+",
"replacement" : "",
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "log_details",
"patterns" : [
"%{IP:client_ip} %{GREEDYDATA:rest}"
],
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "rest",
"patterns" : [
"- %{DATA:remote_user} \\[%{HTTPDATE:timestamp}\\] %{GREEDYDATA:rest_after_timestamp}"
],
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "rest_after_timestamp",
"patterns" : [
"\"%{WORD:method} %{DATA:request_path} HTTP/%{NUMBER:http_version}\" %{NUMBER:status} %{NUMBER:body_bytes} %{GREEDYDATA:rest_referer}"
],
"ignore_failure" : true
}
},
{
"grok" : {
"field" : "rest_referer",
"patterns" : [
"\"%{DATA:referer}\" \"%{GREEDYDATA:nginx_user_agent}\""
],
"ignore_failure" : true
}
},
{
"date" : {
"field" : "timestamp",
"formats" : [
"dd/MMM/yyyy:HH:mm:ss Z"
],
"target_field" : "@timestamp",
"ignore_failure" : true
}
},
{
"remove" : {
"field" : [
"rest"
],
"ignore_missing" : true
}
}
]
},
"kea_dhcp_parse_pipeline" : {
"description" : "Parse Kea DHCP logs for detailed information",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"%{TIMESTAMP_ISO8601:timestamp} +%{LOGLEVEL:log_level} \\[%{DATA:source}/%{NUMBER:pid}.%{NUMBER:thread_id}\\] %{WORD:message_id} \\[%{DATA:hwtype}\\], cid=%{DATA:cid}, tid=%{DATA:tid}: lease %{IP:lease} has been allocated for %{NUMBER:lease_duration} seconds"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "kea-dhcp4",
"ignore_failure" : true
}
}
]
},
"json_parse_with_replacement" : {
"description" : "Replace single quotes with double quotes and parse JSON",
"processors" : [
{
"script" : {
"source" : "\n ctx.message = ctx.message.replace(\"'\", \"\\\"\");\n "
}
},
{
"json" : {
"field" : "message",
"target_field" : "parsed_json"
}
}
]
},
"tftp_parse_pipeline" : {
"description" : "Parse logs from in.tftpd to extract filename and client IP",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"RRQ from %{HOSTNAME:client_ip} filename %{GREEDYDATA:filename}"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service",
"value" : "tftpd",
"ignore_failure" : true
}
}
]
},
"filter_tftp_pipeline" : {
"description" : "Parse logs from in.tftpd to extract filename and client IP",
"processors" : [
{
"grok" : {
"field" : "message",
"patterns" : [
"RRQ from %{HOSTNAME:client_ip} filename %{GREEDYDATA:filename}"
],
"ignore_failure" : true
}
},
{
"set" : {
"field" : "service_name",
"value" : "tftpd",
"ignore_failure" : true
}
}
]
},
"copy-message-pipeline" : {
"description" : "Pipeline que copia el campo message a message_raw",
"processors" : [
{
"set" : {
"field" : "message_raw",
"value" : "{{message}}"
}
}
]
}
}

13
etc/prometheus/prometheus.yml 100644
View File

@ -0,0 +1,13 @@
global:
scrape_interval: 15s
evaluation_interval: 15s
scrape_configs:
- job_name: ogserver
static_configs:
- targets: ['ogserver.${SUBDOMAIN}:9100']
- job_name: ogagent
static_configs:
- targets: ['ogagent.${SUBDOMAIN}:9100']

4
etc/prometheus/web-config.yml 100644
View File

@ -0,0 +1,4 @@
tls_server_config:
cert_file: /etc/prometheus/oglog-prom.${SUBDOMAIN}.crt.pem
key_file: /etc/prometheus/oglog-prom.${SUBDOMAIN}.key.pem

131
script/Documentación script OgLog.md 100755
View File

@ -0,0 +1,131 @@
# Documentación script OgLog
Este script automatiza la configuración de un entorno basado en OpenSearch, OpenSearch Dashboards, Prometheus, Grafana, y otras herramientas. Incluye la instalación, configuración de certificados SSL y ajuste de servicios para garantizar seguridad y funcionamiento adecuado.
---
## Requisitos Previos
1. **Variables de Entorno**:
- `IP_MAQUINA`: Dirección IP del servidor donde se ejecutará el script.
- `OPENSEARCH_INITIAL_ADMIN_PASSWORD`: Contraseña inicial del administrador para OpenSearch.
La contraseña debe:
- Tener al menos 12 caracteres.
- Incluir una mayúscula, un número y un carácter especial.
1. **Script para Generar Certificados**:
Este script depende de otro llamado `mkcerts.sh` que genera certificados SSL necesarios. Alternativamente, puedes usar certificados propios. Es importante que la carpeta `CA` se encuentre en la misma ruta desde la cual se ejecuta este script. Los certificados deben colocarse en las siguientes subcarpetas dentro de `CA`:
- **`CA/certs/`**: para los archivos de certificados (`.crt.pem`).
- **`CA/private/`**: para los archivos de llaves privadas (`.key.nopass.pem`).
---
## Funcionalidad del Script
### 1. **Validación Inicial**
- Verifica la presencia de variables de entorno esenciales.
- Valida que la contraseña cumple con los requisitos mínimos de seguridad.
### 2. **Actualización del Archivo `/etc/hosts`**
El script agrega entradas al archivo `/etc/hosts` para permitir la resolución de los siguientes nombres de dominio en el entorno:
- **`oglog-os.mytld`**
- **`oglog-osdb.mytld`**
- **`oglog-jb.mytld`**
- **`oglog-jrem.mytld`**
- **`oglog-prom.mytld`**
- **`oglog-graf.mytld`**
Cada uno de estos dominios estará asociado a la IP especificada en la variable de entorno `IP_MAQUINA`.
### 3. **Instalación de Dependencias**
Instala herramientas esenciales como `ca-certificates`, `gnupg2`, `lsb-release`, y `systemd-journal-remote`.
### 4. **Ejecución de `mkcerts.sh`**
Este script genera los certificados SSL requeridos. Si decides usar certificados diferentes, deben colocarse en las ubicaciones mencionadas en la sección de requisitos previos.
### 5. **Configuración de Certificados**
- Copia y enlaza los certificados generados en las ubicaciones correspondientes.
- Establece los certificados SSL para cada herramienta (OpenSearch, OpenSearch Dashboards, Prometheus, etc.).
### 6. **Instalación y Configuración de OpenSearch**
- Agrega repositorios y claves para OpenSearch y OpenSearch Dashboards.
- Configura OpenSearch (`/etc/opensearch/opensearch.yml`) con certificados SSL, IP del servidor y otras opciones de seguridad.
### 7. **Instalación y Configuración de Prometheus**
- Copia los certificados necesarios a `/etc/prometheus/`.
- Configura Prometheus para usar TLS y añade trabajos para monitorización.
### 8. **Instalación y Configuración de Journalbeat**
- Descarga e instala Journalbeat.
- Configura el acceso a ElasticSearch con certificados y credenciales.
### 9. **Instalación y Configuración de Grafana**
- Instala Grafana y configura el acceso HTTPS.
- Establece Prometheus como fuente de datos predeterminada.
- Descarga y configura un dashboard prediseñado.
### 10. **Acceso a las Herramientas Configuradas**
Una vez que el script haya finalizado, podrás acceder a las herramientas configuradas mediante los siguientes enlaces:
1. **OpenSearch**:
- URL: `https://oglog-os.mytld:9200`
- Credenciales:
- Usuario: `admin`
- Contraseña: La definida en la variable `OPENSEARCH_INITIAL_ADMIN_PASSWORD`.
2. **OpenSearch Dashboards**:
- URL: `https://oglog-osdb.mytld:5601`
3. **Prometheus**:
- URL: `https://oglog-prom.mytld:9090`
4. **Grafana**:
- URL: `https://oglog-graf.mytld:3000`
- Credenciales iniciales por defecto:
- Usuario: `admin`
- Contraseña: `admin` (es recomendable cambiarla tras el primer inicio de sesión).
---
## Ubicaciones de Certificados por Servicio
1. **OpenSearch**:
- Certificado raíz: `/etc/opensearch/ca.crt.pem`.
- Certificado del servicio: `/etc/opensearch/oglog-os.mytld.crt.pem`.
- Llave privada: `/etc/opensearch/oglog-os.mytld.key.pem`.
2. **OpenSearch Dashboards**:
- Certificado del servicio: `/etc/opensearch-dashboards/oglog-osdb.mytld.crt.pem`.
- Llave privada: `/etc/opensearch-dashboards/oglog-osdb.mytld.key.pem`.
3. **Prometheus**:
- Certificado del servicio: `/etc/prometheus/oglog-prom.mytld.crt.pem`.
- Llave privada: `/etc/prometheus/oglog-prom.mytld.key.pem`.
4. **Journalbeat**:
- Certificado del servicio: `/etc/journalbeat/oglog-jb.mytld.crt.pem`.
- Llave privada: `/etc/journalbeat/oglog-jb.mytld.key.pem`.
5. **Grafana**:
- Certificado del servicio: `/etc/grafana/oglog-graf.mytld.crt.pem`.
- Llave privada: `/etc/grafana/oglog-graf.mytld.key.pem`.
---
## Servicios Configurados
Los siguientes servicios se habilitan y se inician automáticamente:
- OpenSearch (`opensearch.service`).
- OpenSearch Dashboards (`opensearch-dashboards.service`).
- Prometheus.
- Journalbeat.
- Grafana (`grafana-server`).
- Systemd Journal Remote (`systemd-journal-remote.service`).

92
script/agent.sh 100755
View File

@ -0,0 +1,92 @@
#!/bin/bash
set -e # Detener el script si ocurre un error
# Configurar Filebeat
echo "Verificando conectividad"
curl -I --connect-timeout 10 --max-time 30 -s -o /dev/null --retry 5 https://artifacts.elastic.co/downloads/beats/filebeat/
if [[ $? -ne 0 ]]; then
echo "ERROR: No se puede conectar a https://artifacts.elastic.co/downloads/beats/filebeat. Verifica tu conexión a Internet o la disponibilidad"
exit 1
fi
curl --connect-timeout 10 --max-time 60 --retry 5 -L -o /tmp/filebeat-oss-7.12.1-amd64.deb https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-7.12.1-amd64.deb
sudo dpkg -i /tmp/filebeat-oss-7.12.1-amd64.deb
cp CA/certs/ogagent-fb.mytld.crt.pem /etc/filebeat/
cp CA/private/ogagent-fb.mytld.key.nopass.pem /etc/filebeat/ogagent-fb.mytld.key.pem
cat >/etc/filebeat/filebeat.yml <<EOF
filebeat.inputs:
- type: log
enabled: true
paths:
- /var/log/opengnsys.log
- /home/*/opengnsys.log
setup.template.settings:
index.number_of_shards: 1
output.elasticsearch:
hosts: ["oglog-os.mytld:9200"]
username: "admin"
password: "\$OPENSEARCH_INITIAL_ADMIN_PASSWORD"
protocol: "https"
ssl.enabled: true
ssl.verification_mode: full
ssl.certificate: "/etc/filebeat/ogagent-fb.mytld.crt.pem"
ssl.key: "/etc/filebeat/ogagent-fb.mytld.key.pem"
processors:
- add_host_metadata:
when.not.contains.tags: forwarded
- add_cloud_metadata: ~
- add_docker_metadata: ~
- add_kubernetes_metadata: ~
seccomp.enabled: false
EOF
systemctl enable --now filebeat
# Verificar que la variable de entorno IP_SERVER esté configurada
if [[ -z "$IP_SERVER" ]]; then
echo "ERROR: La variable de entorno IP_SERVER no está configurada."
echo "Por favor, exporta IP_SERVER antes de ejecutar este script."
exit 1
fi
# Actualizar /etc/hosts con los nombres de dominio
cat >>/etc/hosts <<EOF
$IP_SERVER oglog-jrem.mytld
EOF
echo "Actualizando paquetes e instalando dependencias..."
apt-get update
apt-get -y install \
prometheus-node-exporter \
systemd-journal-remote
echo "Configurando TLS y copiando certificados..."
cp CA/certs/ca.crt.pem /etc/ssl/certs/
ln -sf /etc/ssl/certs/ca.crt.pem /etc/ssl/certs/$(openssl x509 -in /etc/ssl/certs/ca.crt.pem -hash -noout).0
cp CA/certs/ogserver.mytld.crt.pem /etc/ssl/certs/
cp CA/private/ogserver.mytld.key.nopass.pem /etc/ssl/private/ogserver.mytld.key.pem
chmod 600 /etc/ssl/private/ogserver.mytld.key.pem
chown root:root /etc/ssl/private/ogserver.mytld.key.pem
echo "Configurando systemd-journal-upload..."
sed -i -e '/DynamicUser/s/.*/DynamicUser=no/' /usr/lib/systemd/system/systemd-journal-upload.service
sed -i -e '/User/ s/.*/User=root/' /usr/lib/systemd/system/systemd-journal-upload.service
systemctl daemon-reload
sed -i -e '/URL/ s%.*%URL=https://oglog-jrem.mytld:19532%' /etc/systemd/journal-upload.conf
sed -i -e '/ServerKeyFile/ s%.*%ServerKeyFile=/etc/ssl/private/ogserver.mytld.key.pem%' /etc/systemd/journal-upload.conf
sed -i -e '/ServerCertificateFile/ s%.*%ServerCertificateFile=/etc/ssl/certs/ogserver.mytld.crt.pem%' /etc/systemd/journal-upload.conf
sed -i -e '/TrustedCertificateFile/s%.*%TrustedCertificateFile=/etc/ssl/certs/ca.crt.pem%' /etc/systemd/journal-upload.conf
echo "Habilitando y arrancando systemd-journal-upload..."
systemctl enable --now systemd-journal-upload
systemctl status systemd-journal-upload --no-pager
echo "Configuración completada con éxito. Los logs se están enviando al servidor remoto."

46
script/export_grafana.sh 100755
View File

@ -0,0 +1,46 @@
#!/bin/bash
# Variables
#GRAFANA_URL="https://oglog-graf.mytld:3000"
GRAFANA_URL=$1
EXPORT_DIR="../etc/grafana/resources"
TOKEN_FILE="./grafana_token.txt"
# Comprobar que el token existe
if [ ! -f "$TOKEN_FILE" ]; then
echo "Error: No se encontró el archivo $TOKEN_FILE con el token de Grafana."
echo "Ejecuta primero setup_grafana_token.sh"
exit 1
fi
API_TOKEN=$(cat "$TOKEN_FILE")
# Crear directorios
mkdir -p "$EXPORT_DIR/dashboards"
mkdir -p "$EXPORT_DIR/datasources"
mkdir -p "$EXPORT_DIR/alerts"
# Exportar todos los dashboards
echo "Exportando dashboards..."
curl -s -H "Authorization: Bearer $API_TOKEN" "$GRAFANA_URL/api/search?query=&type=dash-db" | jq -c '.[]' |
while read -r dashboard; do
uid=$(echo "$dashboard" | jq -r '.uid')
title=$(echo "$dashboard" | jq -r '.title' | tr ' /' '_' | tr -d '"')
curl -s -H "Authorization: Bearer $API_TOKEN" "$GRAFANA_URL/api/dashboards/uid/$uid" \
| jq '.' > "$EXPORT_DIR/dashboards/${title}.json"
echo "Exportado: $title"
done
# Exportar datasources
echo "Exportando datasources..."
curl -s -H "Authorization: Bearer $API_TOKEN" "$GRAFANA_URL/api/datasources" \
| jq '.' > "$EXPORT_DIR/datasources/datasources.json"
# Exportar alertas (si usas alert rules v2)
echo "Exportando alert rules..."
curl -s -H "Authorization: Bearer $API_TOKEN" "$GRAFANA_URL/api/v1/provisioning/alert-rules" \
| jq '.' > "$EXPORT_DIR/alerts/alert-rules.json"
echo "Exportación completada en: $EXPORT_DIR"

54
script/import_grafana.sh 100755
View File

@ -0,0 +1,54 @@
#!/bin/bash
# Variables
#GRAFANA_URL="https://oglog-graf.mytld:3000"
GRAFANA_URL=$1
RESOURCE_DIR="../etc/grafana/resources"
TOKEN_FILE="./grafana_token.txt"
# Comprobar que el token existe
if [ ! -f "$TOKEN_FILE" ]; then
echo "Error: No se encontró el archivo $TOKEN_FILE con el token de Grafana."
echo "Ejecuta primero setup_grafana_token.sh"
exit 1
fi
API_TOKEN=$(cat "$TOKEN_FILE")
# Importar datasources
if [ -f "$RESOURCE_DIR/datasources/datasources.json" ]; then
echo "Importando datasources..."
jq -c '.[]' "$RESOURCE_DIR/datasources/datasources.json" | while read -r datasource; do
curl -s -X POST "$GRAFANA_URL/api/datasources" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
-d "$datasource" > /dev/null
done
echo "Datasources importados."
fi
# Importar dashboards
echo "Importando dashboards..."
for f in "$RESOURCE_DIR/dashboards"/*.json; do
echo "Importando $(basename "$f")"
jq 'del(.dashboard.id) | {dashboard: .dashboard, overwrite: true}' "$f" | \
curl -s -X POST "$GRAFANA_URL/api/dashboards/db" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
--data-binary @-
done
echo "Dashboards importados."
# Importar alertas
if [ -f "$RESOURCE_DIR/alerts/alert-rules.json" ]; then
echo "Importando alert rules..."
jq -c '.[]' "$RESOURCE_DIR/alerts/alert-rules.json" | while read -r alert; do
curl -s -X POST "$GRAFANA_URL/api/v1/provisioning/alert-rules" \
-H "Authorization: Bearer $API_TOKEN" \
-H "Content-Type: application/json" \
-d "$alert"
done
echo "Alertas importadas."
fi
echo "Importación completa."

127
script/journal-upload.sh 100755
View File

@ -0,0 +1,127 @@
#!/bin/bash
set -e
LOGFILE="/tmp/ogcore-installer.log"
exec > >(tee -a "$LOGFILE") 2>&1
log() {
echo "$1" | tee -a "$LOGFILE"
}
log "Inicio instalación ogcore: $(date)"
# Mediciones iniciales
log "Tamaño inicial del disco:" && df -h /
log "Carga inicial CPU:" && uptime
NFS_SERVER="ognartefactos.evlt.uma.es"
LOCAL_MOUNT="/mnt"
# Montar NFS
if ! mountpoint -q "$LOCAL_MOUNT"; then
mkdir -p "$LOCAL_MOUNT"
mount -t nfs "$NFS_SERVER:/" "$LOCAL_MOUNT"
fi
# Cargar variables desde el archivo .env
ENV_FILE="../.env"
if [ ! -f "$ENV_FILE" ]; then
echo "ERROR: No se encontró el archivo .env"
exit 1
fi
export $(grep -v '^#' "$ENV_FILE" | xargs)
# Ejemplo de uso
echo "OGLOG se instalará en: $OGLOG_IP"
echo "Base de datos OGCORE en: $OGCORE_IP"
# Validar la contraseña
if [[ ${#OPENSEARCH_INITIAL_ADMIN_PASSWORD} -lt 12 || \
! "$OPENSEARCH_INITIAL_ADMIN_PASSWORD" =~ [A-Z] || \
! "$OPENSEARCH_INITIAL_ADMIN_PASSWORD" =~ [0-9] || \
! "$OPENSEARCH_INITIAL_ADMIN_PASSWORD" =~ [^a-zA-Z0-9] ]]; then
log "ERROR: La contraseña OPENSEARCH_INITIAL_ADMIN_PASSWORD no cumple los requisitos."
exit 1
fi
# Actualizar hosts
echo "$OGCORE_IP oglog-jrem.mytld" >> /etc/hosts
# Instalar dependencias
apt-get update
apt-get install -y prometheus-node-exporter systemd-journal-remote
log "Generando certificados para ogcore con subdominio $SUBDOMAIN..."
# Suponemos que el script de generación ya está descargado en /tmp o incluido en la instalación
./mkcerts.sh "$SUBDOMAIN" "$OPENSEARCH_INITIAL_ADMIN_PASSWORD"
# Helper
get_cert_name() {
echo "oglog-$1.$SUBDOMAIN"
}
# Directorio base
CA_DIR="./CA"
CERT_NAME=$(get_cert_name "server")
# Copiar certificados generados
cp "$CA_DIR/certs/ca.crt.pem" /etc/ssl/certs/
cp "$CA_DIR/certs/$CERT_NAME.crt.pem" /etc/ssl/certs/
cp "$CA_DIR/private/$CERT_NAME.key.nopass.pem" /etc/ssl/private/$CERT_NAME.key.pem
chmod 600 /etc/ssl/private/$CERT_NAME.key.pem
# Copiar contenido de CA_DIR a LOCAL_MOUNT
DEST_DIR="$LOCAL_MOUNT/srv/artefactos/oglog/CA"
mkdir -p "$DEST_DIR"
cp -r "$CA_DIR/"* "$DEST_DIR/"
# Reemplazar certificados en el directorio de filebeat
FILEBEAT_DIR="/opt/opengnsys/ogclone-engine/ogclient/lib/filebeat"
cp "$CA_DIR/certs/ca.crt.pem" "$FILEBEAT_DIR/ca.crt.pem"
cp "$CA_DIR/certs/$CERT_NAME.crt.pem" "$FILEBEAT_DIR/oglog-agent-fb.opengnsys.crt.pem"
cp "$CA_DIR/private/$CERT_NAME.key.nopass.pem" "$FILEBEAT_DIR/oglog-agent-fb.opengnsys.key.pem"
chmod 600 "$FILEBEAT_DIR/oglog-agent-fb.opengnsys.key.pem"
chown -R opengnsys:opengnsys "$FILEBEAT_DIR"
# Configuración journal-upload
sed -i -e '/DynamicUser/s/.*/DynamicUser=no/' \
-e '/User/s/.*/User=root/' \
/usr/lib/systemd/system/systemd-journal-upload.service
systemctl daemon-reload
cat >/etc/systemd/journal-upload.conf <<EOF
[Upload]
URL=https://$(get_cert_name jrem):19532
ServerKeyFile=/etc/ssl/private/$CERT_NAME.key.pem
ServerCertificateFile=/etc/ssl/certs/$CERT_NAME.crt.pem
TrustedCertificateFile=/etc/ssl/certs/ca.crt.pem
EOF
# Activar servicio robustamente
reiniciar_servicio() {
systemctl restart "$1"
log "Esperando que $1 esté activo..."
for i in {1..10}; do
if systemctl is-active --quiet "$1"; then
log "$1 activo."
return
fi
sleep 2
done
log "ERROR: $1 no arrancó correctamente."
exit 1
}
reiniciar_servicio "systemd-journal-upload"
# Mediciones finales
log "Tamaño final del disco:" && df -h /
log "Carga final CPU:" && uptime
log "Instalación ogcore finalizada: $(date)"

108
script/mkcerts.sh 100755
View File

@ -0,0 +1,108 @@
#!/bin/bash
SUBDOMAIN="$1"
CERT_PASS="$2"
if [ -z "$SUBDOMAIN" ] || [ -z "$CERT_PASS" ]; then
echo "Uso: $0 <subdominio> <contraseña-certificados>"
exit 1
fi
rm -rf CA
mkdir -p CA
cd CA
cat >openssl.cnf <<EOF
[ca]
default_ca = CA_default
[CA_default]
dir = $PWD
EOF
cat >>openssl.cnf <<'EOF'
certs = $dir/certs
new_certs_dir = $dir/newcerts
database = $dir/index.txt
serial = $dir/serial
default_md = sha256
policy = policy_loose
copy_extensions = copy
private_key = $dir/private/ca.key.pem
certificate = $dir/certs/ca.crt.pem
[policy_loose]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
[req]
default_bits = 2048
distinguished_name = req_distinguished_name
default_md = sha256
[req_distinguished_name]
countryName = Country Name (2 letter code)
EOF
mkdir -p certs csr newcerts private
chmod 0700 private
touch index.txt
echo 1000 >serial
function gen_cert() {
NAME="$1"
DOMAIN="$NAME.$SUBDOMAIN"
PASS="$CERT_PASS"
CA_PASS_FILE="./ca-pass"
FILE_PRIVKEY_PASS="./$NAME-pass"
KEY_FILE="private/$DOMAIN.key.pem"
KEY_NOPASS_FILE="private/$DOMAIN.key.nopass.pem"
SUBJ="/C=ES/ST=Madrid/L=Madrid/CN=$DOMAIN"
ADDEXT="subjectAltName=DNS:$DOMAIN"
CSR="csr/$DOMAIN.csr.pem"
CERT_FILE="certs/$DOMAIN.crt.pem"
echo "$PASS" >"$FILE_PRIVKEY_PASS"
chmod 0600 "$FILE_PRIVKEY_PASS"
openssl genrsa -aes256 -out "$KEY_FILE" -passout file:"$FILE_PRIVKEY_PASS" 2048
openssl rsa -in "$KEY_FILE" -passin file:"$FILE_PRIVKEY_PASS" -out "$KEY_NOPASS_FILE" >/dev/null 2>&1
openssl req -config openssl.cnf -key "$KEY_FILE" -passin file:"$FILE_PRIVKEY_PASS" -new -sha256 -subj "$SUBJ" -addext "$ADDEXT" -out "$CSR"
openssl ca -config openssl.cnf -batch -passin file:"$CA_PASS_FILE" -days 375 -notext -md sha256 -in "$CSR" -out "$CERT_FILE" >/dev/null 2>&1
echo "Dominio generado: $DOMAIN"
}
## Generar CA
CA_PASS_FILE="./ca-pass"
echo "$CERT_PASS" >"$CA_PASS_FILE"
chmod 0600 "$CA_PASS_FILE"
openssl genrsa -aes256 -out private/ca.key.pem -passout file:"$CA_PASS_FILE" 4096
openssl req -config openssl.cnf -key private/ca.key.pem -passin file:"$CA_PASS_FILE" -new -x509 -days 7300 -sha256 -subj "/C=ES/ST=Madrid/L=Madrid/CN=ca.$SUBDOMAIN" -out certs/ca.crt.pem
## Componentes a generar certificados
# COMPONENTES y su correspondencia:
# "os" → OpenSearch (certificado para /etc/opensearch/)
# "osdb" → OpenSearch Dashboards (certificado para /etc/opensearch-dashboards/)
# "jrem" → systemd-journal-remote (certificado para /etc/systemd/)
# "prom" → Prometheus (certificado para /etc/prometheus/)
# "graf" → Grafana (certificado para /etc/grafana/)
# "jb" → Journalbeat del cliente (certificado para /etc/journalbeat/)
# "agent-fb" → Filebeat del cliente ogagent (certificado para /etc/filebeat/)
# "server" → Servidor ogcore/ogboot/intermedio (uso genérico del certificado)
COMPONENTES=("os" "osdb" "jrem" "jb" "prom" "graf" "server" "agent-fb")
for comp in "${COMPONENTES[@]}"; do
gen_cert "oglog-$comp"
echo "address=/oglog-$comp.$SUBDOMAIN/127.0.0.1" >> /tmp/dnsmasq.oglog.conf
done
cd ..

362
script/oglog_installer.sh 100755
View File

@ -0,0 +1,362 @@
#!/bin/bash
set -e
LOGFILE="/tmp/oglog-install.log"
exec > >(tee -a "$LOGFILE") 2>&1
log() {
echo "$1" | tee -a "$LOGFILE"
}
log "Inicio de instalación: $(date)"
# Tamaño inicial del disco
log "Tamaño inicial del disco:"
df -h / | tee -a "$LOGFILE"
# Carga inicial de CPU
log "Carga inicial de CPU:"
uptime | tee -a "$LOGFILE"
# Inicio del cronómetro
SECONDS=0
# Instalación de paquetes necesarios
apt-get update
apt-get install -y nfs-common
# Montar servidor NFS
NFS_SERVER="ognartefactos.evlt.uma.es"
NFS_PATH="/"
LOCAL_MOUNT="/mnt"
if ! mountpoint -q "$LOCAL_MOUNT"; then
mkdir -p "$LOCAL_MOUNT"
mount -t nfs "$NFS_SERVER:$NFS_PATH" "$LOCAL_MOUNT"
fi
# Cargar variables desde el archivo .env
ENV_FILE="../.env"
if [ ! -f "$ENV_FILE" ]; then
echo "ERROR: No se encontró el archivo .env"
exit 1
fi
export $(grep -v '^#' "$ENV_FILE" | xargs)
# Comprobar variables requeridas
required_vars=("OGLOG_IP" "OGCORE_IP" "OPENSEARCH_INITIAL_ADMIN_PASSWORD")
for var in "${required_vars[@]}"; do
if [[ -z "${!var}" ]]; then
echo "ERROR: La variable de entorno $var debe estar definida en el archivo .env."
exit 1
fi
done
# Ejemplo de uso
echo "OGLOG se instalará en: $OGLOG_IP"
echo "Base de datos OGCORE en: $OGCORE_IP"
# Validar la contraseña
if [[ ${#OPENSEARCH_INITIAL_ADMIN_PASSWORD} -lt 12 || \
! "$OPENSEARCH_INITIAL_ADMIN_PASSWORD" =~ [A-Z] || \
! "$OPENSEARCH_INITIAL_ADMIN_PASSWORD" =~ [0-9] || \
! "$OPENSEARCH_INITIAL_ADMIN_PASSWORD" =~ [^a-zA-Z0-9] ]]; then
log "ERROR: La contraseña OPENSEARCH_INITIAL_ADMIN_PASSWORD no cumple los requisitos."
exit 1
fi
# Añadir repositorios y claves GPG para OpenSearch y OpenSearch Dashboards
curl -fsSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --dearmor -o /usr/share/keyrings/opensearch-keyring.gpg
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring.gpg] https://artifacts.opensearch.org/releases/bundle/opensearch/2.x/apt stable main" > /etc/apt/sources.list.d/opensearch.list
echo "deb [signed-by=/usr/share/keyrings/opensearch-keyring.gpg] https://artifacts.opensearch.org/releases/bundle/opensearch-dashboards/2.x/apt stable main" > /etc/apt/sources.list.d/opensearch-dashboards.list
# Añadir repositorio y clave GPG para Grafana
curl -fsSL https://apt.grafana.com/gpg.key | gpg --dearmor -o /usr/share/keyrings/grafana.gpg
echo "deb [signed-by=/usr/share/keyrings/grafana.gpg] https://apt.grafana.com stable main" > /etc/apt/sources.list.d/grafana.list
# Instalación de paquetes necesarios
apt-get update
apt-get install -y apt-transport-https software-properties-common wget curl ca-certificates gnupg2 lsb-release systemd-journal-remote prometheus grafana opensearch opensearch-dashboards nfs-common
# Montar servidor NFS
NFS_SERVER="ognartefactos.evlt.uma.es"
NFS_PATH="/"
LOCAL_MOUNT="/mnt"
if ! mountpoint -q "$LOCAL_MOUNT"; then
mkdir -p "$LOCAL_MOUNT"
mount -t nfs "$NFS_SERVER:$NFS_PATH" "$LOCAL_MOUNT"
fi
# Añadir dominios a /etc/hosts
HOSTNAMES=(oglog-os.$SUBDOMAIN oglog-osdb.$SUBDOMAIN oglog-jb.$SUBDOMAIN oglog-jrem.$SUBDOMAIN oglog-prom.$SUBDOMAIN oglog-graf.$SUBDOMAIN)
for hostname in "${HOSTNAMES[@]}"; do
if ! grep -q "$hostname" /etc/hosts; then
echo "$OGLOG_IP $hostname" >> /etc/hosts
fi
done
# Instalación Journalbeat y Filebeat
JOURNALBEAT_URL="https://artifacts.elastic.co/downloads/beats/journalbeat/journalbeat-oss-7.12.1-amd64.deb"
FILEBEAT_URL="https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-7.12.1-amd64.deb"
curl -L "$JOURNALBEAT_URL" -o /tmp/journalbeat.deb
dpkg -i /tmp/journalbeat.deb
rm -f /tmp/journalbeat.deb
curl -L "$FILEBEAT_URL" -o /tmp/filebeat.deb
dpkg -i /tmp/filebeat.deb
rm -f /tmp/filebeat.deb
# Copiar configuraciones desde plantillas locales
base_dir="$(dirname $(pwd))"
./mkcerts.sh "$SUBDOMAIN" "$OPENSEARCH_INITIAL_ADMIN_PASSWORD"
log "Copiando configuraciones desde plantillas locales..."
files_to_copy=(
"journalbeat/journalbeat.yml"
"filebeat/filebeat.yml"
"opensearch/opensearch.yml"
"opensearch-dashboards/opensearch_dashboards.yml"
"prometheus/prometheus.yml"
"prometheus/web-config.yml"
"grafana/grafana.ini"
"grafana/provisioning/datasources/prometheus.yaml"
"grafana/provisioning/dashboards/dashboard.yaml"
)
for file in "${files_to_copy[@]}"; do
src="$base_dir/etc/$file"
dest="/etc/$file"
mkdir -p "$(dirname "$dest")"
cp "$src" "$dest"
envsubst < "$src" > "$dest"
done
chown -R grafana:grafana /etc/grafana/provisioning
# Helper
get_cert_name() {
echo "oglog-$1.$SUBDOMAIN"
}
# Directorio base
if [ -d "$LOCAL_MOUNT/srv/artefactos/oglog/CA" ]; then
CA_DIR="$LOCAL_MOUNT/srv/artefactos/oglog/CA"
else
CA_DIR="./CA"
fi
# Certificados por componente
cp "$CA_DIR/certs/ca.crt.pem" /etc/opensearch/
cp "$CA_DIR/certs/$(get_cert_name os).crt.pem" /etc/opensearch/
cp "$CA_DIR/private/$(get_cert_name os).key.nopass.pem" /etc/opensearch/$(get_cert_name os).key.pem
cp "$CA_DIR/certs/$(get_cert_name osdb).crt.pem" /etc/opensearch-dashboards/
cp "$CA_DIR/private/$(get_cert_name osdb).key.nopass.pem" /etc/opensearch-dashboards/$(get_cert_name osdb).key.pem
cp "$CA_DIR/certs/ca.crt.pem" /etc/systemd/
cp "$CA_DIR/certs/$(get_cert_name jrem).crt.pem" /etc/systemd/
cp "$CA_DIR/private/$(get_cert_name jrem).key.nopass.pem" /etc/systemd/$(get_cert_name jrem).key.pem
cp "$CA_DIR/certs/$(get_cert_name prom).crt.pem" /etc/prometheus/
cp "$CA_DIR/private/$(get_cert_name prom).key.nopass.pem" /etc/prometheus/$(get_cert_name prom).key.pem
cp "$CA_DIR/certs/$(get_cert_name graf).crt.pem" /etc/grafana/
cp "$CA_DIR/private/$(get_cert_name graf).key.nopass.pem" /etc/grafana/$(get_cert_name graf).key.pem
cp "$CA_DIR/certs/$(get_cert_name jb).crt.pem" /etc/journalbeat/
cp "$CA_DIR/private/$(get_cert_name jb).key.nopass.pem" /etc/journalbeat/$(get_cert_name jb).key.pem
cp "$CA_DIR/certs/$(get_cert_name agent-fb).crt.pem" /etc/filebeat/
cp "$CA_DIR/private/$(get_cert_name agent-fb).key.nopass.pem" /etc/filebeat/$(get_cert_name agent-fb).key.pem
cp "$CA_DIR/certs/ca.crt.pem" /etc/ssl/certs/
ln -sf /etc/ssl/certs/ca.crt.pem /etc/ssl/certs/"$(openssl x509 -in /etc/ssl/certs/ca.crt.pem -hash -noout).0"
# Permisos específicos
chown opensearch:opensearch /etc/opensearch/*
chown opensearch-dashboards:opensearch-dashboards /etc/opensearch-dashboards/*
chown systemd-journal-remote:systemd-journal-remote /etc/systemd/$(get_cert_name jrem).*
chown prometheus:prometheus /etc/prometheus/$(get_cert_name prom).*
chown grafana:grafana /etc/grafana/$(get_cert_name graf).*
install -d -o systemd-journal-remote -g systemd-journal-remote -m 0750 /var/log/journal/remote
sed -i -e "/ServerKeyFile/ s%.*%ServerKeyFile=/etc/systemd/$(get_cert_name jrem).key.pem%" /etc/systemd/journal-remote.conf
sed -i -e "/ServerCertificateFile/s%.*%ServerCertificateFile=/etc/systemd/$(get_cert_name jrem).crt.pem%" /etc/systemd/journal-remote.conf
sed -i -e "/TrustedCertificateFile/s%.*%TrustedCertificateFile=/etc/systemd/ca.crt.pem%" /etc/systemd/journal-remote.conf
if ! grep -q -- "--web.config.file=/etc/prometheus/web-config.yml" /etc/default/prometheus; then
sed -i -e '/^ARGS/s%"$% --web.config.file=/etc/prometheus/web-config.yml"%' /etc/default/prometheus
fi
log "Descargando dashboard de Grafana..."
mkdir -p /etc/grafana/dashboards
curl -sS --connect-timeout 30 --max-time 120 --retry 3 \
-o /etc/grafana/dashboards/1860.json \
https://grafana.com/api/dashboards/1860/revisions/37/download || {
log "Error: Fallo al descargar el dashboard"
exit 1
}
grafana-cli plugins install grafana-opensearch-datasource
# Declarar variables para envsubst
export TLS_CA_CERT=$(sed 's/^/ /' "$CA_DIR/certs/ca.crt.pem")
export TLS_CLIENT_CERT=$(sed 's/^/ /' "$CA_DIR/certs/$(get_cert_name os).crt.pem")
export TLS_CLIENT_KEY=$(sed 's/^/ /' "$CA_DIR/private/$(get_cert_name os).key.nopass.pem")
# Copiar configuración adicional para Grafana
# log "Copiando configuración adicional para Grafana..."
additional_file="grafana/provisioning/datasources/opensearch.yaml"
src="$base_dir/etc/$additional_file"
dest="/etc/$additional_file"
envsubst < "$src" > "$dest"
services_to_restart=(
journalbeat
filebeat
opensearch
opensearch-dashboards
systemd-journal-remote
prometheus
grafana-server
)
for service in "${services_to_restart[@]}"; do
log "Reiniciando $service..."
systemctl restart "$service"
sleep 5
done
# Index pattern para filebeat
curl -X POST "https://oglog-os.${SUBDOMAIN}:9200/.kibana/_doc/index-pattern:filebeat-*" \
--cert "/etc/journalbeat/$(get_cert_name jb).crt.pem" \
--key "/etc/journalbeat/$(get_cert_name jb).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
-H 'Content-Type: application/json' \
-d '{
"type": "index-pattern",
"index-pattern": {
"title": "filebeat-*",
"timeFieldName": "@timestamp"
}
}'
# Index pattern para journalbeat
curl -X POST "https://oglog-os.${SUBDOMAIN}:9200/.kibana/_doc/index-pattern:journalbeat-*" \
--cert "/etc/journalbeat/$(get_cert_name jb).crt.pem" \
--key "/etc/journalbeat/$(get_cert_name jb).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
-H 'Content-Type: application/json' \
-d '{
"type": "index-pattern",
"index-pattern": {
"title": "journalbeat-*",
"timeFieldName": "@timestamp"
}
}'
# Crea un indice vacío para filebeat para que no se llene la pagina opensearch dashboard de errores
curl -X PUT "https://oglog-os.${SUBDOMAIN}:9200/filebeat-000001" \
--cacert /etc/systemd/ca.crt.pem \
--cert "/etc/opensearch/$(get_cert_name os).crt.pem" \
--key "/etc/opensearch/$(get_cert_name os).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
-H 'Content-Type: application/json' \
-d '{
"mappings": {
"properties": {
"@timestamp": { "type": "date" },
"message": { "type": "text" }
}
}
}'
echo "Importar pipelines de ingestión de OpenSearch"
jq -c 'to_entries[]' "$base_dir/etc/opensearch/pipelines.json" | while read -r entry; do
name=$(echo "$entry" | jq -r '.key')
body=$(echo "$entry" | jq -c '.value')
curl -X PUT "https://oglog-os.${SUBDOMAIN}:9200/_ingest/pipeline/$name" \
--cert "/etc/journalbeat/$(get_cert_name jb).crt.pem" \
--key "/etc/journalbeat/$(get_cert_name jb).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
-H "Content-Type: application/json" \
-d "$body"
done
echo "Importar búsquedas personalizadas de OpenSearch Dashboards"
# Obtener los IDs reales de index pattern
JOURNALBEAT_ID=$(curl -s -X GET "https://oglog-os.${SUBDOMAIN}:9200/.kibana/_search?q=type:index-pattern" \
--cert "/etc/journalbeat/$(get_cert_name jb).crt.pem" \
--key "/etc/journalbeat/$(get_cert_name jb).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
| jq -r '.hits.hits[] | "\(.["_id"])\t\(.["_source"]["index-pattern"].title)"' \
| grep 'journalbeat-*' | cut -f1 | cut -d':' -f2)
FILEBEAT_ID=$(curl -s -X GET "https://oglog-os.${SUBDOMAIN}:9200/.kibana/_search?q=type:index-pattern" \
--cert "/etc/journalbeat/$(get_cert_name jb).crt.pem" \
--key "/etc/journalbeat/$(get_cert_name jb).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
| jq -r '.hits.hits[] | "\(.["_id"])\t\(.["_source"]["index-pattern"].title)"' \
| grep 'filebeat-*' | cut -f1 | cut -d':' -f2)
# Sustituir variables en el fichero ndjson (sin modificar el original si quieres)
cp "$base_dir/etc/opensearch-dashboards/saved_searches.ndjson" /tmp/saved_searches_modified.ndjson
sed -i "s|__journalbeat_index__|$JOURNALBEAT_ID|g" /tmp/saved_searches_modified.ndjson
sed -i "s|__filebeat_index__|$FILEBEAT_ID|g" /tmp/saved_searches_modified.ndjson
# Importar con overwrite
curl -X POST "https://oglog-osdb.${SUBDOMAIN}:5601/api/saved_objects/_import?overwrite=true" \
--cert "/etc/journalbeat/$(get_cert_name jb).crt.pem" \
--key "/etc/journalbeat/$(get_cert_name jb).key.pem" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
-H "osd-xsrf: true" \
-F "file=@/tmp/saved_searches_modified.ndjson"
# Después de los reinicios
log "Verificación final de servicios:"
systemctl is-active journalbeat filebeat opensearch opensearch-dashboards prometheus grafana-server
# Crear token y configurar Grafana
log "Creando token para Grafana..."
while IFS= read -r line; do
log "$line"
done < <(./setup_grafana_token.sh "https://oglog-graf.${SUBDOMAIN}:3000" \
"/etc/grafana/oglog-graf.${SUBDOMAIN}.crt.pem" \
"/etc/grafana/oglog-graf.${SUBDOMAIN}.key.pem")
sed -i "s/__OGCORE_IP__/${OGCORE_IP}/g" ../etc/grafana/resources/datasources/datasources.json
log "Importando configuracion en Grafana..."
while IFS= read -r line; do
log "$line"
done < <(./import_grafana.sh "https://oglog-graf.${SUBDOMAIN}:3000")
systemctl restart grafana-server
DURATION=$SECONDS
log "Tiempo total: $((DURATION / 60)) minutos y $((DURATION % 60)) segundos"
log "Instalación finalizada: $(date)"

14
script/pipeline-bulk.sh 100755
View File

@ -0,0 +1,14 @@
#!/bin/bash
# Ejecutar todos los pipelines definidos en pipeline.yml
if [[ -f "pipeline.yml" ]]; then
echo "Ejecutando pipelines definidos en pipeline.yml..."
# Leer el archivo completo y enviar su contenido a OpenSearch
curl -X PUT "https://localhost:9200/_ingest/pipeline/_bulk" \
-H "Content-Type: application/json" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--cacert "CA/certs/ca.crt.pem" \
-d @pipeline.yml
else
echo "No se encontró pipeline.yml. No se ejecutaron pipelines."
fi

35
script/pipeline-individual.sh 100755
View File

@ -0,0 +1,35 @@
#!/bin/bash
# Verificar si existe el archivo pipeline.yml
if [[ -f "pipeline.yml" ]]; then
echo "Analizando y ejecutando pipelines definidos en pipeline.yml..."
# Dividir el archivo en partes individuales por cada pipeline
awk '/^---/ {close("pipeline.tmp"); filename="pipeline_" NR ".tmp"} {print > filename}' pipeline.yml
# Procesar cada archivo temporal creado por awk
for pipeline_file in pipeline_*.tmp; do
if [[ -f "$pipeline_file" ]]; then
# Extraer el nombre del pipeline del archivo
pipeline_name=$(awk '/^name:/ {print $2; exit}' "$pipeline_file")
if [[ -n "$pipeline_name" ]]; then
echo "Ejecutando pipeline: $pipeline_name..."
curl -X PUT "https://localhost:9200/_ingest/pipeline/$pipeline_name" \
-H "Content-Type: application/json" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--cacert "CA/certs/ca.crt.pem" \
-d @"$pipeline_file"
else
echo "ERROR: No se pudo extraer el nombre del pipeline de $pipeline_file."
fi
# Eliminar archivo temporal después de procesarlo
rm "$pipeline_file"
else
echo "ERROR: No se encontró el archivo temporal $pipeline_file."
fi
done
else
echo "No se encontró pipeline.yml. No se ejecutaron pipelines."
fi

20
script/pipeline.sh 100755
View File

@ -0,0 +1,20 @@
# Ejecutar pipelines definidos en pipeline.yml
if [[ -f "pipeline.yml" ]]; then
echo "Ejecutando pipelines definidos en pipeline.yml..."
while IFS= read -r pipeline; do
if [[ -n "$pipeline" ]]; then
pipeline_file="${pipeline}.yml"
if [[ -f "$pipeline_file" ]]; then
curl -X PUT "https://localhost:9200/_ingest/pipeline/$pipeline" \
-H "Content-Type: application/json" \
-u "admin:$OPENSEARCH_INITIAL_ADMIN_PASSWORD" \
--cacert "CA/certs/ca.crt.pem" \
-d @"$pipeline_file"
else
echo "ERROR: No se encontró el archivo $pipeline_file."
fi
fi
done < <(grep -o '^[^#]*' "pipeline.yml" | grep -v '^$')
else
echo "No se encontró pipeline.yml. No se ejecutaron pipelines."
fi

60
script/setup_grafana_token.sh 100755
View File

@ -0,0 +1,60 @@
#!/bin/bash
# Variables
#GRAFANA_URL="https://oglog-graf.mytld:3000"
GRAFANA_URL=$1
GRAFANA_USER="admin"
GRAFANA_PASS="admin"
#CERT="/etc/grafana/oglog-graf.mytld.crt.pem"
CERT=$2
#KEY="/etc/grafana/oglog-graf.mytld.key.pem"
KEY=$3
SA_NAME="dashboard-exporter"
TOKEN_NAME="dashboard-export-token"
TOKEN_TTL=3600
TOKEN_FILE="./grafana_token.txt"
# 1. Buscar si ya existe el Service Account
SA_ID=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
"$GRAFANA_URL/api/serviceaccounts/search" \
| jq -r '.serviceAccounts[] | select(.name=="'"$SA_NAME"'") | .id')
# 2. Crear si no existe
if [ -z "$SA_ID" ]; then
echo "Creando Service Account: $SA_NAME"
SA_ID=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
-H "Content-Type: application/json" \
-d '{ "name": "'"$SA_NAME"'", "role": "Admin" }' \
"$GRAFANA_URL/api/serviceaccounts" | jq -r '.id')
echo "Service Account creado con ID: $SA_ID"
else
echo "Service Account ya existe con ID: $SA_ID"
fi
# 3. Verificamos si el fichero con el token existe
if [ -f "$TOKEN_FILE" ]; then
echo "El token ya fue generado y está guardado en $TOKEN_FILE."
echo "Para forzar su regeneración, borra el archivo manualmente."
else
echo "Buscando token existente con nombre $TOKEN_NAME..."
TOKEN_ID=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
"$GRAFANA_URL/api/serviceaccounts/$SA_ID/tokens" \
| jq -r '.[] | select(.name=="'"$TOKEN_NAME"'") | .id')
if [ -n "$TOKEN_ID" ]; then
echo "Borrando token anterior con ID $TOKEN_ID..."
curl -s -X DELETE --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
"$GRAFANA_URL/api/serviceaccounts/$SA_ID/tokens/$TOKEN_ID" > /dev/null
fi
echo "Creando nuevo token..."
TOKEN=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
-H "Content-Type: application/json" \
-d '{ "name": "'"$TOKEN_NAME"'", "secondsToLive": '"$TOKEN_TTL"' }' \
"$GRAFANA_URL/api/serviceaccounts/$SA_ID/tokens" | jq -r '.key')
echo "$TOKEN" > "$TOKEN_FILE"
echo "Token guardado en $TOKEN_FILE"
fi