# Create two macvlan networks on top of the host interface ens35: one IPv4,
# one IPv6. Containers attached to a macvlan network get their own address
# directly on the physical segment, so traffic to them is not filtered by the
# host's port-publishing rules; filter on the network or inside the container.
# NOTE(review): 192.7.0.0/16 is not an RFC 1918 range and 2001::/64 is not the
# 2001:db8::/32 documentation prefix - confirm these are used on an isolated
# lab segment only.
docker network create \
    --driver macvlan \
    --subnet=192.7.0.0/16 \
    --gateway=192.7.0.1 \
    --opt parent=ens35 \
    docker-out
docker network create \
    --driver macvlan \
    --ipv6 \
    --subnet="2001::/64" \
    --opt parent=ens35 \
    docker-out-ipv6
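# Run syslog-ng on the macvlan network with a fixed address.
# The two commands are alternatives (same --name and --ip): run only one.
#
# Only the syslog-ng configuration and certificates are bind-mounted, and
# read-only. Bind-mounting the host's whole /etc and /bin read-write would hand
# a network-facing daemon the host's account database, credentials and system
# binaries, so a compromise of the container becomes a compromise of the host.
# NOTE(review): pin the image to a fixed version tag or digest instead of
# :latest so the deployed code is known and reproducible.
# NOTE(review): on a macvlan network the container is reached directly at
# 192.7.0.49, so the -p mappings are likely unnecessary - confirm. The
# configuration on this page listens on 7514/tcp (TLS), not on 514 or 601.

# Variant 1: configuration and certificates from the host's /etc/syslog-ng.
docker run --net=docker-out --ip=192.7.0.49 -d -p 514:514/udp -p 601:601 \
    -v /etc/syslog-ng:/etc/syslog-ng:ro \
    --name syslog-ng balabit/syslog-ng:latest

# Variant 2: configuration from the current directory, certificates from the host.
docker run --net=docker-out --ip=192.7.0.49 -d -p 514:514/udp -p 601:601 \
    -v /etc/syslog-ng/ca.d:/etc/syslog-ng/ca.d:ro \
    -v "$PWD/syslog-ng.conf":/etc/syslog-ng/syslog-ng.conf:ro \
    --name syslog-ng balabit/syslog-ng:latest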
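# Run syslog-ng on the default bridge network, reachable through published ports.
# Only /etc/syslog-ng is bind-mounted, read-only: the daemon needs its own
# configuration and certificates, not write access to the host's /etc and /bin.
# NOTE(review): only 514/udp and 601/tcp are published. If the container loads
# the configuration shown on this page, its TLS source listens on 7514/tcp,
# which stays unreachable from outside the host until that port is published.
# NOTE(review): pin the image to a fixed version tag or digest instead of :latest.
docker run -d -p 514:514/udp -p 601:601 \
    -v /etc/syslog-ng:/etc/syslog-ng:ro \
    --name syslog-ng balabit/syslog-ng:latest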
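# List all containers, including stopped ones, then remove one of them.
# CONTAINERID is a placeholder for a container ID or name (for example
# syslog-ng), not an image ID; a running container must be stopped first.
docker container ls -a
docker container rm CONTAINERID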
# syslog-ng configuration (syslog-ng.conf)
@version: 3.27
@include "scl.conf"

# Global options.
options {
    # Close destination files that received nothing for 30 seconds.
    time-reap(30);
    # Interval, in seconds, for MARK messages.
    mark-freq(10);
    # Keep the hostname found in the received message instead of replacing it.
    # The ${HOST} macro is therefore a value chosen by the sender.
    keep-hostname(yes);
};
# Local messages: the platform's native log sources plus syslog-ng's own
# internal messages (start-up, errors, statistics).
source s_local {
    system();
    internal();
};
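# TLS syslog listener on 7514/tcp, bound to every IPv4 address of the container.
#
# peer-verify(required-trusted): a client must present a certificate that
# chains to a CA found in ca-dir(). With optional-untrusted the server accepts
# clients with no certificate or with any certificate at all, so TLS would
# encrypt the channel without authenticating who is writing into the logs.
# NOTE(review): ca-dir() expects the CA certificates under their hash names
# (as produced by "openssl rehash") - confirm the directory is prepared that way.
# NOTE(review): server.key sits in the same directory as the CA material; keep
# it readable by the syslog-ng user only.
source s_network1 {
    syslog(
        ip("0.0.0.0")
        transport(tls)
        port(7514)
        flags(syslog-protocol)
        tls(
            key-file("/etc/syslog-ng/ca.d/matual-192.7.0.29/server.key")
            cert-file("/etc/syslog-ng/ca.d/matual-192.7.0.29/server.crt")
            ca-dir("/etc/syslog-ng/ca.d/matual-192.7.0.29/")
            peer-verify(required-trusted)
        )
    );
};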
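# Per-sender log files: /var/log/<host>/<program>.log, written in the
# IETF syslog (RFC 5424) format, directories created on demand.
#
# perm(0640): log files are data, not executables, and must not be writable by
# every local account. With 0777 any user on the system could alter or truncate
# the logs, which removes their value as evidence.
#
# ${HOST} and ${PROGRAM} come from the received message (keep-hostname(yes) is
# set in the global options), so a sender chooses the directory and file name.
# Every distinct value creates a new file that syslog-ng has to track, which a
# sender can use to exhaust memory or inodes; restrict who can reach the
# listener.
# NOTE(review): verify how this syslog-ng version treats "/" inside these
# values before relying on the path staying one level below /var/log.
destination d_logs {
    file(
        "/var/log/${HOST}/${PROGRAM}.log"
        owner("root")
        group("root")
        perm(0640)
        create-dirs(yes)
        flags(syslog-protocol)
    );
};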
# Single log path: local messages and messages received over TLS are both
# written to the per-host files of d_logs.
log {
    source(s_local);
    source(s_network1);
    destination(d_logs);
};
# Fetch the syslog-ng image. No tag is given, so :latest is pulled.
# NOTE(review): a fixed version tag or digest makes it possible to tell
# afterwards exactly which image was deployed.
docker image pull balabit/syslog-ng
# List the running containers.
docker ps

# Show which host paths a container has mounted (CONTAINERID is a placeholder
# for a container ID or name). Useful to check that only the intended
# directories are exposed and whether they are read-write.
docker inspect --format '{{.Mounts}}' CONTAINERID
docker inspect CONTAINERID | grep -i mount