Skip to content

Commit

Permalink
Update readme
Browse files Browse the repository at this point in the history
  • Loading branch information
juanfont committed Jul 25, 2024
1 parent 80b4798 commit 47731fa
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 3 deletions.
6 changes: 4 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@

[![License](https://img.shields.io/badge/License-BSD_3--Clause-blue.svg)](https://opensource.org/licenses/BSD-3-Clause)

Gitlab Log Streamer is a tool designed to overcome the limitations of Gitlab's `audit_log.json` and potentially other logs.
Gitlab Log Streamer is a tool designed to overcome the limitations of Gitlab's `audit_log.json` and `auth_log.json`.

By default, Gitlab writes its audit events to the `audit_log.json` file, which limits their usefulness as they stay in your GItLab server filesystem.

This project parses the log file, stores the events in a SQLite database, and allows forwarding of new log entries using syslog format (RFC5424) or IBM QRadar's proprietary LEEF. It also supports defining an HTTP endpoint for POST requests with the event, enabling triggers and actions similar to Gitlab System hooks.
This project parses the log files, stores the events in a SQLite database, and allows forwarding of new log entries using syslog format (RFC5424) or IBM QRadar's proprietary LEEF. It also supports defining an HTTP endpoint for POST requests with the event, enabling triggers and actions similar to Gitlab System hooks.

## Table of Contents

Expand All @@ -32,6 +32,8 @@ gitlab_hostname: "gitlab.font.eu"

sources:
audit_log_path: "/var/log/gitlab/gitlab-rails/audit_json.log"
auth_log_path: "/var/log/gitlab/gitlab-rails/auth_json.log"


destinations:
http:
Expand Down
4 changes: 3 additions & 1 deletion config.example.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,12 @@ gitlab_hostname: "gitlab.font.eu"

sources:
audit_log_path: "/var/log/gitlab/gitlab-rails/audit_json.log"
auth_log_path: "/var/log/gitlab/gitlab-rails/auth_json.log"

destinations:
http:
url: "http://localhost:8080"
audit_log_url: "http://localhost:8080/foo"
auth_log_url: "http://localhost:8080/foobar"
headers:
Authorization: "Bearer 1234567890"
Content-Type: "application/json"
Expand Down

0 comments on commit 47731fa

Please sign in to comment.