Allow limiting what can be collected on host side

Sometimes there are requirements that disallow free remote log collection configuration (i.e. restriction to what files can be collected must be configured on host). Limiting what paths are allowed to be collected on host would solve this.

There are some ways alternative to do this:

  • Using file permissions which can be cumbersome to setup
  • Not use collector-sidecar and configure just filebeat which disallows any configuration from Graylog server

Enabling the collector-sidecar to limit the glob expressions would be straightforward approach to limit what can be collected.

We have implemented this allowed_paths configuration option in our fork and are offering that to collector-sidecar. See comparison here: https://github.com/Graylog2/collector-sidecar/compare/master...digiapulssi:allowed-paths-implementation

Hej Sami,

could you please open a PR that describes what you do, and why you implement it and then we can decide if we want to merge that.

thanks
Jan

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.