Logging changes: new hdd, removed ideapad instance, graylog

2025-04-15 11:50:46 -07:00
parent 575ced3c41
commit 8125fe2bd2
3 changed files with 18 additions and 7 deletions
--- a/config/logging.nix
+++ b/config/logging.nix
@@ -99,10 +99,6 @@
            targets = [ "192.168.100.12" ];
            labels.instance = "r730xd-idrac";
          }
-          {
-            targets = [ "192.168.100.20" ];
-            labels.instance = "ideapad";
-          }
          {
            targets = [ "192.168.100.21" ];
            labels.instance = "r330-proxmox";
@@ -189,12 +185,20 @@
    ];
  };

+  services = {
+    graylog.enable = true;
+    mongodb.enable = true;
+    opensearch.enable = true;
+  };
+
+
  systemd.services.suricata = {
    description = "Suricata IDS/IPS";
    wantedBy = ["multi-user.target"];
    serviceConfig = {
      type = "simple";
      User = "logging";
+      ExecStartPre = "/run/current-system/sw/bin/ip link set enp6s19 up";
      ExecStart = "${pkgs.suricata}/bin/suricata -c /etc/suricata.yaml -i enp6s19";
      Restart = "on-failure";
      CapabilityBoundingSet = "CAP_NET_RAW CAP_NET_ADMIN";