Sources provide matching rules for sender ip addresses. Sources can specify a single IP, a range of IP addresses or a list of IP addresses. A source definition can specify one or more of single IP, range of IP addresses or a list of IP addresses. In this case the source condition evaluates true if any of these source definitions are a match.
sources:-name: localhostipv4: 127.0.0.1-name: 3164_ip_1ipv4: 192.168.55.20-name: 3164_ip_2ipv4: 192.168.55.21-name: qa_labipv4: 192.168.40.3ipv4_range: 10.0.1.5/24ipv4_list: 192.168.1.1, 192.168.1.10
Sources are defined with the "sources" keyword in the config file. All source definitions must have a "name". Sources are referred in rules using their name. The config file validator will flag an error for names that are not found and or source definitions that have a missing name.
This key is used to specify a unique name for source matching rules.
-name: qa_labipv4_list: 192.168.1.1, 192.168.1.10
The source matching conditions are referenced in message rules using their names
rules:-source: localhostdestination: t_debug
At least one of ipv4, ipv4_list and ipv4_range is required when selecting a Client IP/Network based source
sources:-name: qa_lab_dnsipv4: 192.168.4.21
An IP address list is specified by individual ip addresses separated by commas. Note that in the "ipv4_list" keyword, only individual ip addresses are allowed and not CIDR ranges.
sources:-name: qa_labipv4_list: 192.168.1.1, 192.168.1.10
The IP address range is specified using the CIDR notation. E.g. 10.0.1.5/24 represents a range of ip's starting from 10.0.1.0 - 10.0.1.255 or a total of 256 addresses.
sources:-name: qa_labipv4_range: 10.0.1.5/24
LOGIQ can directly ingest from Stackdriver's Google cloud storage sink. You do not need to incur additional pub sub costs for this. Create a google_cloud_storage
source in LOGIQ config for this.
-name: stackdriver_gcp_storage_buckets3:type: google_cloud_storagecredential: >{"type": "service_account","project_id": <google_project_id>,"private_key_id": <private_key_id>,"private_key": <private_key_string>,"client_email": <client_email>,"client_id": <client_id>,"auth_uri": "https://accounts.google.com/o/oauth2/auth","token_uri": "https://oauth2.googleapis.com/token","auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url": <client cert url>}bucket: <cloud storage bucket name>