| Plugin Version | Graylog Version |
|---|---|
| 1.4.x | 3.2.x |
| >= 1.3.x | 3.0.x |
Download the plugin
and place the .jar file in your Graylog plugin directory. The plugin directory
is the plugins/ folder relative from your graylog-server directory by default
and can be configured in your graylog.conf file.
Restart graylog-server and you are done.
In the configuration tab of Graylog, you will have to provide:
- GLPI API URL
- GLPI User API Token
- GLPI APP Token
- Cache Heap Size
- Cache TTL
You may have to change the order into "Message Processors Configuration". Just switch between "Message Filter Chain" and "Pipeline Processor"
To search into the Computer category for the source field and display all fields, create a pipeline function like:
rule "GLPIComputer"
when
has_field("source")
then
let computer = GLPI(to_string($message.source), "Computer", "");
let computer_fieds = key_value(computer);
set_fields(computer_fieds, "Computer-");
end
If you want to do the same search but displaying only the field called OSName, create a pipeline function like:
rule "GLPIComputer"
when
has_field("source")
then
let computer = GLPI(to_string($message.source), "Computer", "OSName");
let computer_fieds = key_value(computer);
set_fields(computer_fieds, "Computer-");
end
This project is using Maven 3 and requires Java 8 or higher.
- Clone this repository.
- Run
mvn packageto build a JAR file. - Optional: Run
mvn jdeb:jdebandmvn rpm:rpmto create a DEB and RPM package respectively. - Copy generated JAR file in target directory to your Graylog plugin directory.
- Restart the Graylog.
This plugin is released under version 3.0 of the GNU General Public License.