Automate lookup table, data adapter, etc. config using ansible?

shresth · July 22, 2021, 3:55pm

Hi Everyone,

I would like to automate the lookup table, create data adapter, etc. configurations.

I do not want to create it manually using the GUI on the browser but instead using ansible or some other automation tools. I would like to know which files for graylog needs to be changed so that I write a script based on that.

In short, I would like to automate these steps mentioned in the link using tools such as ansible - How to Set Up Graylog GeoIP Configuration | Graylog

Does anyone have an idea which files to change in graylog?

Thanks,
Shresth

shoothub · July 23, 2021, 8:50am

Hi @shresth
your tool should be Rest API, because everything you click on web GUI can be also done with Rest API. Graylog web UI uses Rest API for every operation, so you can easily create same steps.

There is also a Rest API browser in graylog you can use for experiments:
https://docs.graylog.org/en/4.0/pages/configuration/rest_api.html

Rest API browser is a nice tool to try, but still I would suggest rather use Developer Tools in browser. Simple open Developer Tools switch to tab Network and XHR requests. Then create for example Lookup table in graylog web UI and then pause recording in Developer Tools. Then find POST/PUT request that create new entry and check parameters used to create it. You can also copy complete request to curl using Copy - Copy as cURL (in Firefox).

So in your case check this Rest PI endpoinds:

Create lookup adapter (POST): /api/system/lookup/adapters
Create lookup cache (POST): /api/system/lookup/caches
Create lookup table (POST): /api/system/lookup/tables
Create pipeline rule (POST): /api/system/pipelines/rule
Create pipeline (POST): /api/system/pipelines/pipeline
Edit pipeline connections (POST): /api/system/pipelines/connections/to_pipeline
Edit pipeline stage - add pipeline rule (PUT): /api/system/pipelines/pipeline/PIPELINE_ID

There is also existing ansible module, that can help with some steps, like create pipeline, pipeline rule, or you can fork it and create implement missing functionality:

system · August 6, 2021, 8:51am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
automating inputs Graylog Central (peer support) pipeline-rules	2	1264	March 16, 2020
Graylog Advance Rules and Dynamic Lookup Graylog Central (peer support) pipeline-rules	4	636	February 25, 2019
Using CSV lookup table to create more fields in message stream? Graylog Central (peer support) pipeline-rules	6	343	November 27, 2023
Configuring Pipeline through API Graylog Central (peer support)	6	434	August 3, 2020
Updating Lookup table values from pipeline logic? Graylog Central (peer support)	2	728	January 1, 2020

Automate lookup table, data adapter, etc. config using ansible?

Related Topics