alloy-config/config.alloy

90 lines
2.5 KiB
Plaintext
Raw Normal View History

2025-01-04 10:28:35 +01:00
loki.write "grafana_cloud_loki" {
endpoint {
url = "https://loki.tainton.uk/loki/api/v1/push"
}
}
loki.process "logs_integrations_windows_exporter" {
forward_to = [loki.write.grafana_cloud_loki.receiver]
stage.json {
expressions = {
level = "levelText",
source = "source",
}
}
stage.labels {
values = {
level = "",
source = "",
}
}
stage.static_labels {
values {
service_name = "WindowsLogs",
}
}
}
loki.relabel "logs_integrations_windows_exporter" {
forward_to = [loki.process.logs_integrations_windows_exporter.receiver]
rule {
source_labels = ["computer"]
target_label = "host"
}
}
loki.source.windowsevent "logs_integrations_windows_exporter_application" {
locale = 1033
eventlog_name = "Application"
bookmark_path = "./bookmarks-app.xml"
poll_interval = "0s"
use_incoming_timestamp = true
forward_to = [loki.relabel.logs_integrations_windows_exporter.receiver]
labels = {
instance = constants.hostname,
job = "integrations/windows_exporter",
}
}
loki.source.windowsevent "logs_integrations_windows_exporter_system" {
locale = 1033
eventlog_name = "System"
bookmark_path = "./bookmarks-sys.xml"
poll_interval = "0s"
use_incoming_timestamp = true
forward_to = [loki.relabel.logs_integrations_windows_exporter.receiver]
labels = {
instance = constants.hostname,
job = "integrations/windows_exporter",
}
}
loki.source.windowsevent "logs_integrations_windows_exporter_defender" {
locale = 1033
eventlog_name = "Microsoft-Windows-Windows Defender/Operational"
bookmark_path = "./bookmarks-defender.xml"
poll_interval = "0s"
use_incoming_timestamp = true
forward_to = [loki.relabel.logs_integrations_windows_exporter.receiver]
labels = {
instance = constants.hostname,
job = "integrations/windows_exporter",
}
}
loki.source.windowsevent "logs_integrations_windows_exporter_wifi" {
locale = 1033
eventlog_name = "Microsoft-Windows-WLAN-AutoConfig/Operational"
bookmark_path = "./bookmarks-wifi.xml"
poll_interval = "0s"
use_incoming_timestamp = true
forward_to = [loki.relabel.logs_integrations_windows_exporter.receiver]
labels = {
instance = constants.hostname,
job = "integrations/windows_exporter",
}
}