1.7 KiB
1.7 KiB
lokiunifi
Loki Output Plugin for UnPoller
This plugin writes UniFi Events, System Logs, IDS, Alarms, and Anomalies to Loki as JSON.
Log Types
| Application Label | Config Option | API | Description |
|---|---|---|---|
unifi_system_log |
save_syslog |
v2 | System log events (UDM recommended) |
unifi_event |
save_events |
v1 | Legacy events (older controllers) |
unifi_ids |
save_ids |
v1 | Intrusion Detection System events |
unifi_alarm |
save_alarms |
v1 | Alarm events |
unifi_anomaly |
save_anomalies |
v1 | Anomaly events |
Querying in Loki
All logs are stored as JSON. Use Loki's | json parser to extract fields:
{application="unifi_system_log"} | json
Filter by severity:
{application="unifi_system_log", severity="HIGH"} | json
Extract specific fields:
{application="unifi_system_log"} | json | line_format "{{.message}}"
Example Config
[loki]
# URL is the only required setting for Loki.
url = "http://192.168.3.2:3100"
# How often to poll UniFi and report to Loki.
interval = "2m"
# How long to wait for Loki responses.
timeout = "5s"
# Set these to use basic auth.
#user = ""
#pass = ""
# Used for auth-less multi-tenant.
#tenant_id = ""
[unifi.defaults]
# For UDM/UDM-Pro/UCG devices, use save_syslog (v2 API)
save_syslog = true
# For older controllers, use save_events (v1 API)
save_events = false
# Other log types
save_ids = false
save_alarms = false
save_anomalies = false
Environment Variables
UP_LOKI_URL=http://localhost:3100
UP_LOKI_INTERVAL=2m
UP_UNIFI_DEFAULT_SAVE_SYSLOG=true
UP_UNIFI_DEFAULT_SAVE_EVENTS=false