2 files changed, 153 insertions, 0 deletions

diff --git a/sysutils/logstash6/files/logstash.conf.sample b/sysutils/logstash6/files/logstash.conf.sample
new file mode 100644
index 000000000000..2f974f7d721f
--- /dev/null
+++ b/sysutils/logstash6/files/logstash.conf.sample
@@ -0,0 +1,45 @@
+input {
+
+	file {
+		type => "syslog"
+		# path => [ "/var/log/*.log", "/var/log/messages", "/var/log/syslog" ]
+		path => "/var/log/messages"
+		start_position => "beginning"
+	}
+}
+
+filter {
+# An filter may change the regular expression used to match a record or a field,
+# alter the value of parsed fields, add or remove fields, etc.
+#
+#	if [type] == "syslog" {
+#		grok {
+#			match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} (%{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}|%{GREEDYDATA:syslog_message})" }
+#			add_field => [ "received_at", "%{@timestamp}" ]
+#			add_field => [ "received_from", "%{@source_host}" ]
+#		}
+#    
+#		if !("_grokparsefailure" in [tags]) {
+#			mutate {
+#				replace => [ "@source_host", "%{syslog_hostname}" ]
+#				replace => [ "@message", "%{syslog_message}" ]
+#			}
+#		}
+#		mutate {
+#			remove_field => [ "syslog_hostname", "syslog_message" ]
+#		}
+#		date {
+#			match => [ "syslog_timestamp","MMM  d HH:mm:ss", "MMM dd HH:mm:ss", "ISO8601" ] 
+#		}
+#		syslog_pri { }
+#	}
+}
+
+output {
+	# Emit events to stdout for easy debugging of what is going through
+	# logstash.
+	# stdout { codec => rubydebug }
+
+	# This will use elasticsearch to store your logs.
+	# elasticsearch { hosts => [ "localhost:9200" ] }
+}
diff --git a/sysutils/logstash6/files/logstash.in b/sysutils/logstash6/files/logstash.in
new file mode 100644
index 000000000000..dae70d7a91d6
--- /dev/null
+++ b/sysutils/logstash6/files/logstash.in
@@ -0,0 +1,108 @@
+#!/bin/sh
+
+# Configuration settings for logstash in /etc/rc.conf:
+#
+# PROVIDE: logstash
+# REQUIRE: DAEMON
+# BEFORE:  LOGIN
+# KEYWORD: shutdown
+#
+# logstash_enable (bool):
+#   Default value: "NO"
+#   Flag that determines whether Logstash is enabled.
+#
+# logstash_home (string):
+#   Default value: "/usr/local/logstash"
+#   Logstash installation directory.
+#
+# logstash_config (string):
+#   Default value: /usr/local/etc/${name}/${name}.conf
+#   Logstash configuration file path.
+#
+# logstash_log (bool):
+#   Set to "NO" by default.
+#   Set it to "YES" to enable logstash logging to file
+#   Default output to /var/log/logstash.log
+#
+# logstash_log_file (string):
+#   Default value: "${logdir}/${name}.log"
+#   Log file path.
+#
+# logstash_java_home (string):
+#   Default value: "/usr/local/openjdk8"
+#   Root directory of the desired Java SDK.
+#   The JAVA_HOME environment variable is set with the contents of this
+#   variable.
+#
+# logstash_java_opts (string):
+#   Default value: ""
+#   Options to pass to the Java Virtual Machine.
+#   The JAVA_OPTS environment variable is set with the contents of this
+#   variable.
+#
+# logstash_opts (string):
+#   Default value: ""
+#   Additional command line flags for logstash, eg. "-r"
+#
+
+. /etc/rc.subr
+
+name=logstash
+rcvar=logstash_enable
+
+load_rc_config ${name}
+
+logdir="/var/log"
+
+: ${logstash_enable="NO"}
+: ${logstash_home="%%LOGSTASH_HOME%%"}
+: ${logstash_config="%%ETCDIR%%/${name}.conf"}
+: ${logstash_log="YES"}
+: ${logstash_log_dir="${logdir}/${name}"}
+: ${logstash_java_home="%%JAVA_HOME%%"}
+: ${logstash_java_opts=""}
+: ${logstash_opts=""}
+
+piddir=/var/run/${name}
+pidfile=${piddir}/${name}.pid
+
+if [ -d $piddir ]; then
+  mkdir -p $piddir
+fi
+
+start_precmd="logstash_precmd"
+
+logstash_cmd="${logstash_home}/bin/logstash"
+procname="${logstash_java_home}/bin/java"
+
+logstash_chdir=${logstash_home}
+logstash_log_options=""
+
+if checkyesno logstash_log; then
+  logstash_log_options=" -l ${logstash_log_dir}" 
+fi
+
+logstash_args="-f ${logstash_config} ${logstash_log_options} ${logstash_opts}"
+
+JAVA_OPTS="${logstash_java_opts}"
+JAVA_HOME="${logstash_java_home}"
+export JAVA_OPTS
+export JAVA_HOME
+
+command="/usr/sbin/daemon"
+command_args="-f -p ${pidfile} ${logstash_cmd} ${logstash_args}"
+required_files="${logstash_home} ${logstash_java_home} ${logstash_cmd} ${logstash_config}"
+
+# Include /usr/local/bin in path because Logstash startup scripts
+# assume bash is in path.
+PATH=/usr/local/bin:$PATH
+
+logstash_precmd()
+{
+    /usr/bin/install -d -o root -g wheel -m 755 ${logstash_log_dir}
+    /usr/bin/install -d -o root -g wheel -m 755 /var/db/logstash
+    /usr/bin/install -d -o root -g wheel -m 755 /var/run/logstash
+}
+
+
+run_rc_command "$1"