Added logging config

2025-02-05 10:02:34 -08:00
parent 7ebbd4044e
commit b895fd28d5
3 changed files with 39 additions and 3 deletions
--- a/config/logging.nix
+++ b/config/logging.nix
@@ -6,16 +6,46 @@
    (import ./networking.nix {
        hostname = "r330-logging";
        ip_address = "192.168.100.41";
-        open_ports = [];
+        open_ports = [ 3000 9001 ];
        inherit lib;
    })
  ];

  users.users.logging = import ./user.nix;
+
  environment.systemPackages = with pkgs; [
    suricata
  ];

+  services.grafana = {
+      enable = true;
+      settings.server = {
+          http_addr = "0.0.0.0";
+          http_port = 3000;
+          domain = "logging.randomctf.local";
+      };
+  };
+
+  services.prometheus = {
+    enable = true;
+    port = 9001;
+    scrapeConfigs = [
+      {
+        job_name = "r330-logging";
+        static_configs = [{
+          targets = let
+            port = toString config.services.prometheus.exporters.node.port;
+          in [
+            "127.0.0.1:${port}"
+            "192.168.100.40:${port}"
+            "192.168.100.42:${port}"
+            "192.168.100.43:${port}"
+          ];
+        }];
+      }
+    ];
+  };
+
  systemd.services.suricata = {
    description = "Suricata IDS/IPS";
    wantedBy = ["multi-user.target"];
@@ -154,6 +184,5 @@
  '';

  environment.etc."suricata/rules/suricata.rules".text = ''
-    alert tcp any any -> any any (msg:"TCP traffic detected"; sid:1000001; rev:1;)
  '';
 }