job "syslogng" { datacenters = ["dc1"] type = "service" group "promtail" { count = 1 network { mode = "bridge" port "main" { to = 1514 } port "metrics" { to = 9080 } } service { name = "syslogng-promtail" provider = "nomad" port = "main" } task "promtail" { driver = "docker" meta = { "diun.sort_tags" = "semver" "diun.watch_repo" = true "diun.include_tags" = "^[0-9]+\\.[0-9]+\\.[0-9]+$" } config { image = "grafana/promtail:2.7.1" ports = ["main", "metrics"] args = ["--config.file=/etc/promtail/promtail.yml"] mount { type = "bind" target = "/etc/promtail/promtail.yml" source = "local/promtail.yml" } } template { data = <<EOF --- server: http_listen_address: 0.0.0.0 http_listen_port: 9080 clients: {{ range nomadService 1 (env "NOMAD_ALLOC_ID") "loki" -}} - url: http://{{ .Address }}:{{ .Port }}/loki/api/v1/push {{- end }} scrape_configs: # TCP syslog receiver - job_name: syslog syslog: listen_address: 0.0.0.0:{{ env "NOMAD_PORT_main" }} labels: job: syslog relabel_configs: - source_labels: ['__syslog_message_hostname'] target_label: hostname EOF destination = "local/promtail.yml" } resources { cpu = 50 memory = 20 } } } group "syslogng" { count = 1 network { mode = "bridge" port "main" { to = 514 } } service { name = "syslogng" provider = "nomad" port = "main" } task "syslogng" { driver = "docker" config { image = "balabit/syslog-ng:3.37.1" ports = ["main"] args = ["--no-caps"] mount { type = "bind" target = "/etc/syslog-ng/syslog-ng.conf" source = "local/syslog-ng.conf" } } template { data = <<EOF @version: 3.37 @include "scl.conf" source s_network { default-network-drivers( ); }; source s_internal { internal(); }; destination d_loki { {{ range nomadService 1 (env "NOMAD_ALLOC_ID") "syslogng-promtail" -}} syslog("{{ .Address }}" transport("tcp") port({{ .Port }})); {{- end }} }; log { source(s_internal); destination(d_loki); }; log { source(s_network); destination(d_loki); }; EOF destination = "local/syslog-ng.conf" } resources { cpu = 50 memory = 10 } } } }