From: Florian Forster Date: Wed, 27 Feb 2013 07:17:54 +0000 (+0100) Subject: collectd.conf(5): Add information about the snort plugin. X-Git-Tag: collectd-5.3.0~26^2~7 X-Git-Url: https://git.tokkee.org/?a=commitdiff_plain;h=eb713c1a6b98e996dc4d539afb5cdace07c2c88a;p=collectd.git collectd.conf(5): Add information about the snort plugin. --- diff --git a/src/collectd.conf.pod b/src/collectd.conf.pod index 70bc997d..b1b9bd22 100644 --- a/src/collectd.conf.pod +++ b/src/collectd.conf.pod @@ -4845,6 +4845,98 @@ Since the configuration of the C is a little more complicated than other plugins, its documentation has been moved to an own manpage, L. Please see there for details. +=head2 Plugin C + +The I reads the statistics file written by I, a free +network intrusion detection system (IDS). The file is written by Snort's +I preprocessor and needs to be configured to write to a +file. + +B + + + + Type "percent" + Instance "dropped" + Index 1 + + + Path "/var/log/snort/snort.stats" + Interval 600 + Collect "dropped" + + + +The configuration consists of one or more B blocks that define an index +into the line written by I and how this value is mapped to I +internal representation. These are followed by one or more B blocks +which configure which file to read, in which interval and which metrics to +extract. + +=over 4 + +=item EB IE + +The B block configures a new metric to be extracted from the statistics +file and how it is mapped on I data model. The string I is +only used inside the B blocks to refer to this block, so you can use +one B block for multiple I instances. + +=over 4 + +=item B I + +Configures which I to use when dispatching this metric. Types are defined +in the L file, see the appropriate manual page for more +information on specifying types. Only types with a single I are +supported by the I. The information whether the value is an +absolute value (i.e. a C) or a rate (i.e. a C) is taken from the +I definition. + +=item B I + +If set, I is used to populate the type instance field of the +created value lists. Otherwise, no type instance is used. + +=item B I + +Each line in the statistics file is broken into many fields with the first +field, the timestamp of the line, is index with zero. This option configures to +read the value from the field with index I. Since the first field is +always the timestamp, I must be greater than zero. + +=back + +=item EB IE + +Configures an instance of I to extract values for. The block's I +will be used as I when dispatching the values and is used to +support multiple separate I instances. There must be at least one +I block but there can be multiple if you have multiple instances of +I running. + +=over 4 + +=item B I + +Configures the I to the statistics file to read. + +=item B I + +Specifies which I to collect. This option must be specified at least +once, and you can use this option multiple times to specify more than one +metric to be extracted from this statistic file. + +=item B I + +Configures the interval in which to read values from this instance / file. This +should match the interval in which I performance monitor is writing to +the file. Defaults to the plugin's default interval. + +=back + +=back + =head2 Plugin C The I collects information about used and available swap space. On