From b5661464ff8e6bfc56d0210eec1991d01b8d96c8 Mon Sep 17 00:00:00 2001
From: Kevin222004 <kevinpatel222004@gmail.com>
Date: Tue, 9 Jul 2024 22:47:56 +0530
Subject: [PATCH] feat: enhance the demo with syslog telemetries

Signed-off-by: Kevin222004 <kevinpatel222004@gmail.com>
---
 .github/workflows/docker-publish.yml |  1 +
 README.md                            |  1 +
 config/rsyslog.conf                  | 10 ++++++++++
 config/telegraf.conf                 |  3 +++
 docker-compose.yml                   | 10 ++++++++++
 5 files changed, 25 insertions(+)
 create mode 100644 config/rsyslog.conf

diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml
index 4134b2f..e52ddc7 100644
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -51,6 +51,7 @@ jobs:
           curl --fail http://127.0.0.1:9091/api/v1/query?query=disk_used_percent | grep disk_used_percent
           curl --fail http://127.0.0.1:9091/api/v1/query?query=netstat_tcp_listen | grep netstat_tcp_listen
           curl --fail http://127.0.0.1:9091/api/v1/query?query=dns_query_result_code | grep dns_query_result_code
+          curl --fail http://127.0.0.1:9091/api/v1/query?query=syslog_version | grep syslog_version
 
       - name: Logs
         if: always()
diff --git a/README.md b/README.md
index b4147e1..0b226e2 100644
--- a/README.md
+++ b/README.md
@@ -117,6 +117,7 @@ curl --fail http://127.0.0.1:9091/api/v1/query?query=redfish_thermal_fans_readin
 curl --fail http://127.0.0.1:9091/api/v1/query?query=disk_used_percent | grep disk_used_percent
 curl --fail http://127.0.0.1:9091/api/v1/query?query=netstat_tcp_listen | grep netstat_tcp_listen
 curl --fail http://127.0.0.1:9091/api/v1/query?query=dns_query_result_code | grep dns_query_result_code
+curl --fail http://127.0.0.1:9091/api/v1/query?query=syslog_version | grep syslog_version
 ```
 
 ## Running example
diff --git a/config/rsyslog.conf b/config/rsyslog.conf
new file mode 100644
index 0000000..d55f2e3
--- /dev/null
+++ b/config/rsyslog.conf
@@ -0,0 +1,10 @@
+$ActionQueueType LinkedList # use asynchronous processing
+$ActionQueueFileName srvrfwd # set file name, also enables disk mode
+$ActionResumeRetryCount -1 # infinite retries on insert failure
+$ActionQueueSaveOnShutdown on # save in-memory data if rsyslog shuts down
+
+# forward over tcp with octet framing according to RFC 5425
+*.* @@(o)127.0.0.1:6514;RSYSLOG_SyslogProtocol23Format
+
+# uncomment to use udp according to RFC 5424
+*.* @127.0.0.1:6514;RSYSLOG_SyslogProtocol23Format
diff --git a/config/telegraf.conf b/config/telegraf.conf
index 97d0859..74367a5 100644
--- a/config/telegraf.conf
+++ b/config/telegraf.conf
@@ -42,6 +42,9 @@
   servers = ["8.8.8.8"]
   include_fields = ["all_ips"]
 
+[[inputs.syslog]]
+  server = "udp://:6514"
+
 [[outputs.file]]
   files = ["stdout"]
   data_format = "influx"
diff --git a/docker-compose.yml b/docker-compose.yml
index 224d9be..4ed6aff 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -144,6 +144,16 @@ services:
       timeout: 10s
       retries: 5
 
+  syslog:
+    image: rsyslog/syslog_appliance_alpine
+    volumes:
+      - ./config/rsyslog.conf:/etc/rsyslog.d/50-telegraf.conf
+    ports:
+      - "6514:6514/tcp"
+      - "6514:6514/udp"
+    networks:
+      - opi
+
 volumes:
   influxdb-storage: