From cf56811bec4889e1d315df275a2df1bdf5cb6872 Mon Sep 17 00:00:00 2001
From: ameye
Date: Fri, 28 Oct 2022 01:34:36 +0000
Subject: [PATCH] Config update & PHP sample using Monolog
---
 .gitignore | 2 +
 config/graylog.conf | 20 ++--
 docker-compose.yml | 28 +++--
 php/README.md | 4 +
 php/composer.json | 6 +
 php/composer.lock | 280 ++++++++++++++++++++++++++++++++++++++++++++
 php/test.php | 24 ++++
 7 files changed, 341 insertions(+), 23 deletions(-)
 create mode 100644 php/README.md
 create mode 100644 php/composer.json
 create mode 100644 php/composer.lock
 create mode 100644 php/test.php
diff --git a/.gitignore b/.gitignore
index 02251fd..2c141a0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
 data/elasticsearch
 data/journal
 data/mongo
+php/vendor
+config/node-id
diff --git a/config/graylog.conf b/config/graylog.conf
index d73b1e0..e6a7094 100644
--- a/config/graylog.conf
+++ b/config/graylog.conf
@@ -570,14 +570,14 @@ mongodb_threads_allowed_to_block_multiplier = 5
 # Email transport
-#transport_email_enabled = false
-#transport_email_hostname = mail.example.com
-#transport_email_port = 587
-#transport_email_use_auth = true
-#transport_email_auth_username = you@example.com
-#transport_email_auth_password = secret
-#transport_email_subject_prefix = [graylog]
-#transport_email_from_email = graylog@example.com
+transport_email_enabled = true
+transport_email_hostname = smtp.gmail.com
+transport_email_port = 587
+transport_email_use_auth = true
+transport_email_auth_username = support@chiefsoft.com
+transport_email_auth_password = tbnedulxgycvvjhu
+transport_email_subject_prefix = [graylog]
+transport_email_from_email = support@chiefsoft.com
 # Encryption settings
 #
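Review bot: `transport_email_auth_password` is committed in plaintext in the added block of this hunk, and the same value is added again as `GRAYLOG_TRANSPORT_AUTH_PASSWORD` in the third docker-compose.yml hunk, so anyone who can read the repository or its history holds the SMTP credential for the `support@chiefsoft.com` mailbox. Treat the credential as exposed: revoke it at the mail provider and issue a new one, because deleting the line in a later commit leaves it in history. In the tracked file keep only a stub such as `#transport_email_auth_password = <set via .env>` and supply the real value through the `.env` file that docker-compose.yml already loads with `env_file: .env`. The .gitignore hunk in this commit does not list `.env`, so unless it is ignored elsewhere it should be added there too. The compose file's context lines show the Mongo root password and the `GRAYLOG_MONGODB_URI` password inline as well, and the same move applies to them.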
@@ -585,7 +585,7 @@ mongodb_threads_allowed_to_block_multiplier = 5
 # Using SMTP with STARTTLS *and* SMTPS at the same time is *not* possible.
 # Use SMTP with STARTTLS, see https://en.wikipedia.org/wiki/Opportunistic_TLS
-#transport_email_use_tls = true
+transport_email_use_tls = true
 # Use SMTP over SSL (SMTPS), see https://en.wikipedia.org/wiki/SMTPS
 # This is deprecated on most SMTP services!
@@ -594,7 +594,7 @@ mongodb_threads_allowed_to_block_multiplier = 5
 # Specify and uncomment this if you want to include links to the stream in your stream alert mails.
 # This should define the fully qualified base url to your web interface exactly the same way as it is accessed by your users.
-#transport_email_web_interface_url = https://graylog.example.com
+transport_email_web_interface_url = https://graylog.chiefsoft.net
 # The default connect timeout for outgoing HTTP connections.
 # Values must be a positive duration (and between 1 and 2147483647 when converted to milliseconds).
diff --git a/docker-compose.yml b/docker-compose.yml
index e3a5185..bf8c7ae 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,8 +14,8 @@ services:
 - MONGO_INITDB_ROOT_USERNAME=root
 - MONGO_INITDB_ROOT_PASSWORD=drUqGGCMh
 volumes:
- - /root/graylog/data/mongo:/data/db
- - /root/graylog/graylog.js:/docker-entrypoint-initdb.d/graylog.js:ro
+ - /home/graylog/data/mongo:/data/db
+ - /home/graylog/graylog.js:/docker-entrypoint-initdb.d/graylog.js:ro
 env_file: .env
 # Elasticsearch: https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docker.html
@@ -40,7 +40,7 @@ services:
 hard: -1
 mem_limit: 1g
 volumes:
- - /root/graylog/data/elasticsearch:/usr/share/elasticsearch/data
+ - /home/graylog/data/elasticsearch:/usr/share/elasticsearch/data
 env_file: .env
 depends_on:
 - graylog-mongo
@@ -70,22 +70,24 @@ services:
 # Password: admin
 - GRAYLOG_ROOT_PASSWORD_SHA2=34d7c08069cc011fa0d17481aab22868f25ac3b8bbc38f03877b695ebca09af9
 - GRAYLOG_HTTP_BIND_ADDRESS=0.0.0.0:7555
- - GRAYLOG_HTTP_EXTERNAL_URI=http://207.244.250.26:7555/
- - GRAYLOG_TRANSPORT_EMAIL_WEB_INTERFACE_URL=http://207.244.250.26:7555
- - GRAYLOG_TRANSPORT_EMAIL_HOSTNAME=smtp.example.com
+ - GRAYLOG_HTTP_EXTERNAL_URI=https://graylog.chiefsoft.net/
+ - GRAYLOG_TRANSPORT_EMAIL_WEB_INTERFACE_URL=https://graylog.chiefsoft.net/
+ - GRAYLOG_TRANSPORT_EMAIL_HOSTNAME=smtp.gmail.com
 - GRAYLOG_TRANSPORT_EMAIL_ENABLED=true
- - GRAYLOG_TRANSPORT_EMAIL_PORT=25
- - GRAYLOG_TRANSPORT_EMAIL_USE_AUTH=false
- - GRAYLOG_TRANSPORT_EMAIL_USE_TLS=false
+ - GRAYLOG_TRANSPORT_EMAIL_PORT=587
+ - GRAYLOG_TRANSPORT_EMAIL_USE_AUTH=true
+ - GRAYLOG_TRANSPORT_EMAIL_USE_TLS=true
 - GRAYLOG_TRANSPORT_EMAIL_USE_SSL=false
- - GRAYLOG_TRANSPORT_FROM_EMAIL=youremail@yourdomain.com
+ - GRAYLOG_TRANSPORT_FROM_EMAIL=support@chiefsoft.com
+ - GRAYLOG_TRANSPORT_AUTH_USERNAME=support@chiefsoft.com
+ - GRAYLOG_TRANSPORT_AUTH_PASSWORD=tbnedulxgycvvjhu
 - GRAYLOG_TRANSPORT_SUBJECT_PREFIX=[graylog]
 - GRAYLOG_MONGODB_URI=mongodb://graylog:vWGzncmBe9@mongo:27017/graylog
 - GRAYLOG_MESSAGE_JOURNAL_ENABLED=false
 volumes:
- - /root/graylog/data/journal:/usr/share/root/graylog/data/journal
- - /root/graylog/config:/usr/share/root/graylog/data/config
- - /root/graylog/plugin:/usr/share/graylog/plugin
+ - /home/graylog/data/journal:/usr/share/graylog/data/journal
+ - /home/graylog/config:/usr/share/graylog/data/config
+ - /home/graylog/plugin:/usr/share/graylog/plugin
 env_file: .env
 links:
 - graylog-mongo:mongo
diff --git a/php/README.md b/php/README.md
new file mode 100644
index 0000000..e1f9992
--- /dev/null
+++ b/php/README.md
@@ -0,0 +1,4 @@
+composer require monolog/monolog
+composer require graylog2/gelf-php
+
+
diff --git a/php/composer.json b/php/composer.json
new file mode 100644
index 0000000..a49f629
--- /dev/null
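Review bot: The added `GRAYLOG_TRANSPORT_AUTH_USERNAME` and `GRAYLOG_TRANSPORT_AUTH_PASSWORD` entries in the docker-compose.yml hunk (`@@ -70,22 +70,24 @@`) do not match the option names this commit sets in config/graylog.conf (`transport_email_auth_username`, `transport_email_auth_password`). Graylog forms its environment overrides as `GRAYLOG_` plus the upper-cased option name, so they would need to be `GRAYLOG_TRANSPORT_EMAIL_AUTH_USERNAME` and `GRAYLOG_TRANSPORT_EMAIL_AUTH_PASSWORD` to take effect. The `GRAYLOG_TRANSPORT_FROM_EMAIL` and `GRAYLOG_TRANSPORT_SUBJECT_PREFIX` lines appear to have the same gap. As written, SMTP authentication presumably works only because graylog.conf carries the values, which hides the mismatch and leaves two sources of truth for one secret. Separately, the context comment `# Password: admin` stays above `GRAYLOG_ROOT_PASSWORD_SHA2` while this hunk moves `GRAYLOG_HTTP_EXTERNAL_URI` to a public hostname; if that comment is accurate the root password should be changed before the instance is served there, and if it is stale it should be deleted. The `environment:` list this hunk edits begins outside the hunk.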
+++ b/php/composer.json
@@ -0,0 +1,6 @@
+{
+ "require": {
+ "monolog/monolog": "^2.8",
+ "graylog2/gelf-php": "^1.7"
+ }
+}
diff --git a/php/composer.lock b/php/composer.lock
new file mode 100644
index 0000000..f136656
--- /dev/null
+++ b/php/composer.lock
@@ -0,0 +1,280 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "This file is @generated automatically" + ], + "content-hash": "ace622fa80d8507f3fd08335e29e6d1c", + "packages": [ + { + "name": "graylog2/gelf-php", + "version": "1.7.1", + "source": { + "type": "git", + "url": "https://github.com/bzikarsky/gelf-php.git", + "reference": "8dceab86227c184725479cc36ab5cae4da940f6e" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/bzikarsky/gelf-php/zipball/8dceab86227c184725479cc36ab5cae4da940f6e", + "reference": "8dceab86227c184725479cc36ab5cae4da940f6e", + "shasum": "" + }, + "require": { + "paragonie/constant_time_encoding": "^1|^2", + "php": ">=5.6", + "psr/log": "^1.0|^2.0" + }, + "provide": { + "psr/log-implementation": "~1.0" + }, + "require-dev": { + "phpunit/phpunit": "^5.7|^6.5|^7.5", + "squizlabs/php_codesniffer": "^3.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.4.x-dev" + } + }, + "autoload": { + "psr-4": { + "Gelf\\": "src/Gelf" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Benjamin Zikarsky", + "email": "benjamin@zikarsky.de" + }, + { + "name": "gelf-php contributors", + "homepage": "https://github.com/bzikarsky/gelf-php/contributors" + } + ], + "description": "A php implementation to send log-messages to a GELF compatible backend like Graylog2.", + "time": "2021-08-20T09:39:08+00:00" + }, + { + "name": "monolog/monolog", + "version": "2.8.0", + "source": { + "type": "git", + "url": "https://github.com/Seldaek/monolog.git", + "reference": "720488632c590286b88b80e62aa3d3d551ad4a50" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Seldaek/monolog/zipball/720488632c590286b88b80e62aa3d3d551ad4a50", + "reference": "720488632c590286b88b80e62aa3d3d551ad4a50", + 
"shasum": "" + }, + "require": { + "php": ">=7.2", + "psr/log": "^1.0.1 || ^2.0 || ^3.0" + }, + "provide": { + "psr/log-implementation": "1.0.0 || 2.0.0 || 3.0.0" + }, + "require-dev": { + "aws/aws-sdk-php": "^2.4.9 || ^3.0", + "doctrine/couchdb": "~1.0@dev", + "elasticsearch/elasticsearch": "^7 || ^8", + "ext-json": "*", + "graylog2/gelf-php": "^1.4.2", + "guzzlehttp/guzzle": "^7.4", + "guzzlehttp/psr7": "^2.2", + "mongodb/mongodb": "^1.8", + "php-amqplib/php-amqplib": "~2.4 || ^3", + "phpspec/prophecy": "^1.15", + "phpstan/phpstan": "^0.12.91", + "phpunit/phpunit": "^8.5.14", + "predis/predis": "^1.1 || ^2.0", + "rollbar/rollbar": "^1.3 || ^2 || ^3", + "ruflin/elastica": "^7", + "swiftmailer/swiftmailer": "^5.3|^6.0", + "symfony/mailer": "^5.4 || ^6", + "symfony/mime": "^5.4 || ^6" + }, + "suggest": { + "aws/aws-sdk-php": "Allow sending log messages to AWS services like DynamoDB", + "doctrine/couchdb": "Allow sending log messages to a CouchDB server", + "elasticsearch/elasticsearch": "Allow sending log messages to an Elasticsearch server via official client", + "ext-amqp": "Allow sending log messages to an AMQP server (1.0+ required)", + "ext-curl": "Required to send log messages using the IFTTTHandler, the LogglyHandler, the SendGridHandler, the SlackWebhookHandler or the TelegramBotHandler", + "ext-mbstring": "Allow to work properly with unicode symbols", + "ext-mongodb": "Allow sending log messages to a MongoDB server (via driver)", + "ext-openssl": "Required to send log messages using SSL", + "ext-sockets": "Allow sending log messages to a Syslog server (via UDP driver)", + "graylog2/gelf-php": "Allow sending log messages to a GrayLog2 server", + "mongodb/mongodb": "Allow sending log messages to a MongoDB server (via library)", + "php-amqplib/php-amqplib": "Allow sending log messages to an AMQP server using php-amqplib", + "rollbar/rollbar": "Allow sending log messages to Rollbar", + "ruflin/elastica": "Allow sending log messages to an Elastic Search server" 
+ }, + "type": "library", + "extra": { + "branch-alias": { + "dev-main": "2.x-dev" + } + }, + "autoload": { + "psr-4": { + "Monolog\\": "src/Monolog" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be", + "homepage": "https://seld.be" + } + ], + "description": "Sends your logs to files, sockets, inboxes, databases and various web services", + "homepage": "https://github.com/Seldaek/monolog", + "keywords": [ + "log", + "logging", + "psr-3" + ], + "funding": [ + { + "url": "https://github.com/Seldaek", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/monolog/monolog", + "type": "tidelift" + } + ], + "time": "2022-07-24T11:55:47+00:00" + }, + { + "name": "paragonie/constant_time_encoding", + "version": "v2.6.3", + "source": { + "type": "git", + "url": "https://github.com/paragonie/constant_time_encoding.git", + "reference": "58c3f47f650c94ec05a151692652a868995d2938" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/58c3f47f650c94ec05a151692652a868995d2938", + "reference": "58c3f47f650c94ec05a151692652a868995d2938", + "shasum": "" + }, + "require": { + "php": "^7|^8" + }, + "require-dev": { + "phpunit/phpunit": "^6|^7|^8|^9", + "vimeo/psalm": "^1|^2|^3|^4" + }, + "type": "library", + "autoload": { + "psr-4": { + "ParagonIE\\ConstantTime\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Paragon Initiative Enterprises", + "email": "security@paragonie.com", + "homepage": "https://paragonie.com", + "role": "Maintainer" + }, + { + "name": "Steve 'Sc00bz' Thomas", + "email": "steve@tobtu.com", + "homepage": "https://www.tobtu.com", + "role": "Original Developer" + } + ], + "description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)", + 
"keywords": [ + "base16", + "base32", + "base32_decode", + "base32_encode", + "base64", + "base64_decode", + "base64_encode", + "bin2hex", + "encoding", + "hex", + "hex2bin", + "rfc4648" + ], + "time": "2022-06-14T06:56:20+00:00" + }, + { + "name": "psr/log", + "version": "1.1.4", + "source": { + "type": "git", + "url": "https://github.com/php-fig/log.git", + "reference": "d49695b909c3b7628b6289db5479a1c204601f11" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11", + "reference": "d49695b909c3b7628b6289db5479a1c204601f11", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.1.x-dev" + } + }, + "autoload": { + "psr-4": { + "Psr\\Log\\": "Psr/Log/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "PHP-FIG", + "homepage": "https://www.php-fig.org/" + } + ], + "description": "Common interface for logging libraries", + "homepage": "https://github.com/php-fig/log", + "keywords": [ + "log", + "psr", + "psr-3" + ], + "time": "2021-05-03T11:20:27+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": [], + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [], + "plugin-api-version": "1.1.0" +} diff --git a/php/test.php b/php/test.php new file mode 100644 index 0000000..da7b6a0 --- /dev/null +++ b/php/test.php @@ -0,0 +1,24 @@ +pushHandler($handler); + +// You can now use your logger +$logger->info('My logger is now ready'); +