naokij/graylog2-blacklist-2-rsyslog.rb

## graylog2-blacklist-2-rsyslog.rb
require 'rubygems'
require 'mongo'

@conn = Mongo::Connection.new
@db = @conn['graylog2']
@db.authenticate('grayloguser','grayloguser-mongo-passwd')
@coll = @db['blacklists']
@conf_file = '/etc/rsyslog_disgarding.conf'
@conf_content = ""
@file = File.open(@conf_file,'r')
@conf_content = @file.read
@file.close
@new_config = ''
@coll.find.each do |b|
  b['blacklisted_terms'].find.each do |t|
    @new_config = @new_config + ":msg, contains, \"#{t['term']}\" ~\n"
  end
end

if @conf_content != @new_config
  @file = File.open(@conf_file,'w')
  @file.write(@new_config)
  @file.close
  system '/etc/init.d/rsyslogforwarder restart'
end
	require 'rubygems'
	require 'mongo'

	@conn = Mongo::Connection.new
	@db = @conn['graylog2']
	@db.authenticate('grayloguser','grayloguser-mongo-passwd')
	@coll = @db['blacklists']
	@conf_file = '/etc/rsyslog_disgarding.conf'
	@conf_content = ""
	@file = File.open(@conf_file,'r')
	@conf_content = @file.read
	@file.close
	@new_config = ''
	@coll.find.each do \|b\|
	b['blacklisted_terms'].find.each do \|t\|
	@new_config = @new_config + ":msg, contains, \"#{t['term']}\" ~\n"
	end
	end

	if @conf_content != @new_config
	@file = File.open(@conf_file,'w')
	@file.write(@new_config)
	@file.close
	system '/etc/init.d/rsyslogforwarder restart'
	end