Adding upstream version 1.34.4.

Signed-off-by: Daniel Baumann <daniel@debian.org>
2025-05-24 07:26:29 +02:00 · 2025-05-24 07:26:29 +02:00 · 4978089aab
commit 4978089aab
parent e393c3af3f
4963 changed files with 677545 additions and 0 deletions
--- a/plugins/inputs/suricata/sample.conf
+++ b/plugins/inputs/suricata/sample.conf
@ -0,0 +1,26 @@
+# Suricata stats and alerts plugin
+[[inputs.suricata]]
+  ## Source
+  ## Data sink for Suricata stats log. This is expected to be a filename of a
+  ## unix socket to be created for listening.
+  # source = "/var/run/suricata-stats.sock"
+
+  ## Delimiter
+  ## Used for flattening field keys, e.g. subitem "alert" of "detect" becomes
+  ## "detect_alert" when delimiter is "_".
+  # delimiter = "_"
+
+  ## Metric version
+  ## Version 1 only collects stats and optionally will look for alerts if
+  ## the configuration setting alerts is set to true.
+  ## Version 2 parses any event type message by default and produced metrics
+  ## under a single metric name using a tag to differentiate between event
+  ## types. The timestamp for the message is applied to the generated metric.
+  ## Additional tags and fields are included as well.
+  # version = "1"
+
+  ## Alerts
+  ## In metric version 1, only status is captured by default, alerts must be
+  ## turned on with this configuration option. This option does not apply for
+  ## metric version 2.
+  # alerts = false