Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add filebeat 

add template config
replace rsyslog with filebeat.
This commit is contained in:
Pablo Castorino 2016-09-29 17:11:45 -03:00
parent 68c4233e33
commit 1dc08e45a4
3 changed files with 29 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Dockerfile
View File

@ -39,7 +39,9 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get update -q --fix-missing && \
&& \ && \
curl -sk http://neuro.debian.net/lists/trusty.de-m.libre > /etc/apt/sources.list.d/neurodebian.sources.list && \ curl -sk http://neuro.debian.net/lists/trusty.de-m.libre > /etc/apt/sources.list.d/neurodebian.sources.list && \
apt-key adv --recv-keys --keyserver hkp://pgp.mit.edu:80 0xA5D32F012649A5A9 && \ apt-key adv --recv-keys --keyserver hkp://pgp.mit.edu:80 0xA5D32F012649A5A9 && \
apt-get update -q --fix-missing && apt-get -y upgrade fail2ban && \ curl https://packages.elasticsearch.org/GPG-KEY-elasticsearch | apt-key add - && \
echo "deb http://packages.elastic.co/beats/apt stable main" | tee -a /etc/apt/sources.list.d/beats.list && \
apt-get update -q --fix-missing && apt-get -y upgrade fail2ban filebeat && \
apt-get autoclean && rm -rf /var/lib/apt/lists/* && \ apt-get autoclean && rm -rf /var/lib/apt/lists/* && \
rm -rf /usr/share/locale/* && rm -rf /usr/share/man/* && rm -rf /usr/share/doc/* rm -rf /usr/share/locale/* && rm -rf /usr/share/man/* && rm -rf /usr/share/doc/*
@ -112,3 +114,8 @@ RUN chmod +x /usr/local/bin/*
EXPOSE 25 587 143 993 110 995 4190 EXPOSE 25 587 143 993 110 995 4190
CMD /usr/local/bin/start-mailserver.sh CMD /usr/local/bin/start-mailserver.sh
ADD target/filebeat.yml.tmpl /etc/filebeat/filebeat.yml.tmpl

13
target/filebeat.yml.tmpl Normal file
View File

@ -0,0 +1,13 @@
output:
logstash:
enabled: true
hosts:
- $ELK_HOST:$ELK_PORT
filebeat:
prospectors:
-
paths:
- /var/log/mail/mail.log
document_type: syslog

12
target/start-mailserver.sh
View File

@ -355,17 +355,21 @@ if [ "$ONE_DIR" = 1 -a -d $statedir ]; then
done done
fi fi
if [ "$ENABLE_ELK_FORWARDER" = 1 ]; then if [ "$ENABLE_ELK_FORWARDER" = 1 ]; then
ELK_PORT=${ELK_PORT:="10514"} ELK_PORT=${ELK_PORT:="5044"}
ELK_HOST=${ELK_HOST:="elk"} ELK_HOST=${ELK_HOST:="elk"}
echo "Enabling log forwarding to ELK ($ELK_HOST:$ELK_PORT)" echo "Enabling log forwarding to ELK ($ELK_HOST:$ELK_PORT)"
echo " *.* @$ELK_HOST:$ELK_PORT " > /etc/rsyslog.d/60-elk.conf cat /etc/filebeat/filebeat.yml.tmpl \
else | sed "s@\$ELK_HOST@$ELK_HOST@g" \
rm -f /etc/rsyslog.d/60-elk.conf | sed "s@\$ELK_PORT@$ELK_PORT@g" \
> /etc/filebeat/filebeat.yml
fi fi
echo "Starting daemons" echo "Starting daemons"
cron cron
/etc/init.d/rsyslog start /etc/init.d/rsyslog start
if [ "$ENABLE_ELK_FORWARDER" = 1 ]; then
/etc/init.d/filebeat start
fi
# Enable Managesieve service by setting the symlink # Enable Managesieve service by setting the symlink
# to the configuration file Dovecot will actually find # to the configuration file Dovecot will actually find