mirror of
https://github.com/vyos/vyos-documentation.git
synced 2025-10-26 08:41:46 +01:00
Kim
GitHub
commit
5679114d22
48
docs/system/eventhandler.rst
Normal file
48
docs/system/eventhandler.rst
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
.. _event-handler:
|
||||||
|
|
||||||
|
Event Handler
|
||||||
|
-------------
|
||||||
|
|
||||||
|
Event handler allows you to execute scripts when a string that matches a regex appears in a text stream (e.g. log file).
|
||||||
|
|
||||||
|
It uses "feeds" (output of commands, or a named pipes) and "policies" that define what to execute if a regex is matched.
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
system
|
||||||
|
event-handler
|
||||||
|
feed <name>
|
||||||
|
description <feed description>
|
||||||
|
policy <policy name>
|
||||||
|
source
|
||||||
|
preset
|
||||||
|
syslog # Use the syslog logs for feed
|
||||||
|
custom
|
||||||
|
command <command to execute> # E.g. "tail -f /var/log/somelogfile"
|
||||||
|
named-pipe <path to a names pipe>
|
||||||
|
policy <policy name>
|
||||||
|
description <policy description>
|
||||||
|
event <event name>
|
||||||
|
description <event description>
|
||||||
|
pattern <regex>
|
||||||
|
run <command to run>
|
||||||
|
|
||||||
|
In this small example a script runs every time a login failed and an interface goes down
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
vyos@vyos# show system event-handler
|
||||||
|
feed Syslog {
|
||||||
|
policy MyPolicy
|
||||||
|
source {
|
||||||
|
preset syslog
|
||||||
|
}
|
||||||
|
}
|
||||||
|
policy MyPolicy {
|
||||||
|
description "Test policy"
|
||||||
|
event BadThingsHappened {
|
||||||
|
pattern "authentication failure"
|
||||||
|
pattern "interface \.* index \d+ .* DOWN.*"
|
||||||
|
run /config/scripts/email-to-admin
|
||||||
|
}
|
||||||
|
}
|
||||||
26
docs/system/flowaccounting.rst
Normal file
26
docs/system/flowaccounting.rst
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
.. _flow-accounting:
|
||||||
|
|
||||||
|
|
||||||
|
Flow Accounting
|
||||||
|
---------------
|
||||||
|
|
||||||
|
VyOS supports flow accounting through NetFlow or sFlow.
|
||||||
|
|
||||||
|
For both types you need to specify the interfaces for which the data will be collected:
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
set system flow-accounting interface eth0
|
||||||
|
set system flow-accounting interface bond3
|
||||||
|
|
||||||
|
|
||||||
|
NetFlow is a protocol originating from Cisco Systems. It works on level3.
|
||||||
|
VyOS supports version 1, 5 and 9
|
||||||
|
|
||||||
|
NetFlow v5 example:
|
||||||
|
|
||||||
|
.. code-block:: sh
|
||||||
|
|
||||||
|
set system flow-accounting netflow engine-id 100
|
||||||
|
set system flow-accounting netflow version 5
|
||||||
|
set system flow-accounting netflow server 192.168.2.10 port 2055
|
||||||
@ -11,6 +11,8 @@ should be ready for further configuration which is described in this chapter.
|
|||||||
:maxdepth: 2
|
:maxdepth: 2
|
||||||
:hidden:
|
:hidden:
|
||||||
|
|
||||||
|
eventhandler
|
||||||
|
flowaccounting
|
||||||
host-information
|
host-information
|
||||||
systemusers
|
systemusers
|
||||||
syslog
|
syslog
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user