Rundeck Plugin for Graylog
An alarm callback plugin for integrating Rundeck into Graylog.
Required Graylog version: 2.0.0 and later
Download the plugin
and place the
.jar file in your Graylog plugin directory. The plugin directory
plugins/ folder relative from your
graylog-server directory by default
and can be configured in your
graylog-server and you are done.
You should now be able to add Rundeck callbacks to your stream alert configurations. In order to establish a connection to the
Rundeck API request an API token from the admin section of Rundeck.
The API url should look like
http://172.16.10.1:4440. The job ID can be found in the Rundeck job definition under
If the job is not bound to a set of nodes in Rundeck you can define node filters in the plugin
It is possible to define filters by node
tag and a bunch of operating system properties like
os-[name, family, arch, version].
Filters are separated into include and exclude filters. In this way it is possible to select a big group of nodes first and then specify the actual nodes
inside this group. For example you can use an include filter like
tags:database to select all database nodes and then become more precise and exclude all
master nodes with an exclude filter
tags:master. The result is a list of slave database nodes.
By default the exclude filter have precidence over the include filters. Use the checkbox at the bottom to invert the result.
Rundeck filters are not completely intuative you can read more here.
To parametrize a job you can set static job arguments. These parameters can be set by the user once and they are the same for every job execution.
Alternatively is is possible to extract fields from the last log message of your stream alert and add these fields as job parameters.
E.g. to get the source address of the alarming database server you can add
source to the field list. This is the same as executing a shell command
with a command line parameter
job.sh -source 172.16.10.10. In this way it is possible to react dynamically on events and informations from you log data.
Rundeck executes now jobs when the stream condition is triggered.
This project is using Maven 3 and requires Java 8 or higher.
You can build a plugin (JAR) with
DEB and RPM packages can be build with
mvn jdeb:jdeb and
mvn rpm:rpm respectively.
We are using the maven release plugin:
$ mvn release:prepare
$ mvn release:perform
This sets the version numbers, creates a tag and pushes to GitHub. Travis CI will build the release artifacts and upload to GitHub automatically.