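---
# Collector configuration: export targets, host metrics, Drain3 settings and
# per-service log parsers.
#
# NOTE(review): this file arrived with its line breaks and indentation
# collapsed. The nesting below is a reconstruction (`localstorage`,
# `elasticsearch` and `web_service` under `export`; `tools` under the nginx
# service). Confirm it against the consumer's schema before use.

export:
  enabled: true
  batch_size: 100
  export_interval: "30s"
  retry_attempts: 5
  retry_backoff: "10s"
  health_check_interval: "60s"

  localstorage:
    enabled: true
    # Relative path: resolves against the process working directory.
    # Prefer an absolute path in a directory only the service user can write.
    db_path: "./watch.db"
    rotation:
      # 100 MiB, written as a literal. YAML has no arithmetic, so the
      # original `100 * 1024 * 1024` would load as a string, not a number.
      max_sizes_bytes: 104857600
      max_age_hours: 24
      max_files: 3
      # NOTE(review): "minuntes" looks like a typo for "minutes". If the
      # consumer expects `check_interval_minutes`, this key is probably
      # ignored. Kept as found; confirm against the schema.
      check_interval_minuntes: 5
      archive_dir: ""

  elasticsearch:
    enabled: true
    # Plain http: the credentials below and every exported event cross the
    # network unencrypted. Use an https:// endpoint with certificate
    # verification.
    url: "http://10.0.0.99:9200"
    index: "watch"
    # The values below are placeholders. Do not commit real credentials:
    # supply them from the environment or a secret store if the consumer
    # supports it, and keep this file readable by the service user only.
    # Both basic auth and an API key are set; which one wins is not visible
    # here, so configure only the one you intend to use.
    username: "your-configured-user"
    password: "your-super-secret-password"
    api_key: "your-api-key"
    timeout: 30

  web_service:
    enabled: true
    # 0.0.0.0 means every interface. No authentication or TLS setting for
    # this service appears in this file, so if it is a listener, bind it to
    # loopback or a management interface, or firewall port 9090.
    host: "0.0.0.0"
    port: 9090

system_metrics:
  enabled: true
  collect_cpu: true
  collect_memory: true
  collect_disk: true
  collect_network: true
  disk_paths:
    - "/"
    - "/var"
    - "/home"
  network_interfaces:
    - "ens6"
  collect_network_connections: true
  collect_load_average: true
  collect_tcp_stats: true
  collect_filehandles: true
  collect_disk_io: true
  collect_network_latency: true
  collect_bandwidth_usage: true
  # NOTE(review): plural key names with scalar values. Confirm whether the
  # consumer expects lists for these two keys.
  transfer_ports: 60003
  # External host: enabling latency collection presumably sends probe
  # traffic there, so allow for it in egress rules.
  latency_test_hosts: "www.google.de"

poll_interval_seconds: 30
patterns_file: "./configs/patterns.yaml"

logging:
  level: "info"
  file_path: "/var/log/system-monitor.log"

drain3:
  enabled: true
  # Relative path: resolves against the process working directory.
  state_dir: "./drain3_states"
  depth: 4
  sim_th: 0.4
  max_children: 100
  max_clusters: 1000
  save_interval: 60

services:
  - name: "nginx"
    service: "nginx.service"
    enabled: true
    since_time: ""
    priority: "info"
    tools:
      # Reading /var/log/nginx needs read access to those files. Grant the
      # service user that access (for example through the log group) rather
      # than running the collector as root.
      - name: "nginx-access"
        log_file: "/var/log/nginx/access.log"
        enabled: true
        buffer_size: 200
        format:
          name: "nginx_combined"
          # NOTE(review): the named groups have lost their `<name>` part
          # (`(?P\S+)` is not a valid group), most likely stripped as markup
          # when the page was extracted. Restore `(?P<name>...)` from the
          # original file. There are nine groups and nine `fields` entries in
          # the same order, which suggests one name per entry; confirm which
          # side of the mapping is the group name.
          pattern: '^(?P\S+) \S+ \S+ \[(?P[^\]]+)\] "(?P\S+) (?P\S+) (?P\S+)" (?P\d+) (?P\d+) "(?P[^"]*)" "(?P[^"]*)"'
          # path, referer and user_agent are client-supplied strings. Treat
          # them as untrusted downstream: escape them when displaying and
          # never interpolate them into queries.
          fields:
            client_ip: "remote_addr"
            timestamp: "time_local"
            method: "request_method"
            path: "request_uri"
            protocol: "server_protocol"
            status: "status"
            body_bytes: "body_bytes_sent"
            referer: "http_referer"
            user_agent: "http_user_agent"
      - name: "nginx-error"
        log_file: "/var/log/nginx/error.log"
        enabled: true
        buffer_size: 100
        format:
          name: "nginx_error"
          # NOTE(review): same defect as nginx-access. The five named groups
          # have lost their `<name>` part; restore them from the original so
          # they line up with the five `fields` entries.
          pattern: '^(?P\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[(?P\w+)\] (?P\d+)#(?P\d+): (?P.*)'
          fields:
            timestamp: "time"
            level: "log_level"
            pid: "process_id"
            tid: "thread_id"
            message: "error_message"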