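# NixOS module: mails a digest of systemd journal entries via journalwatch.
# Entries at `priority` or more severe are mailed unless a filterBlock below
# suppresses them; suppressed entries stay in the journal itself.
{ config, pkgs, ... }:
{
  # Systemd Journal Monitoring.
  # Alternative:
  #   journal-brief
  #   https://github.com/twaugh/journal-brief
  #   https://opensource.com/article/20/7/systemd-journals-email

  # Write to Systemd Journal:
  #   echo 'hello' | systemd-cat -p emerg
  #   echo 'hello' | systemd-cat -t someapp -p emerg
  # View Systemd Journal.
  # Filter by app:
  #   journalctl -b -t someapp
  # Filter by priority:
  #   journalctl -b -p 5
  # Manually execute journalwatch timer:
  #   sudo systemctl start journalwatch.service
  # Find a message and view its details
  #   journalctl -b -p5 -o json-pretty
  #   Then press "/" and enter a pattern, then press "Enter".

  # Fail evaluation early when no MTA is configured: journalwatch would
  # otherwise have nothing to deliver its mail with.
  assertions = [ {
    assertion = config.services.opensmtpd.enable;
    message = "journalwatch requires a configured sendmail MTA, see sendmail-mta.nix.";
  } ];

  services.journalwatch = {
    enable = true;
    # TODO: Same as configured by sendmail MTA.
    mailFrom = "langbein@mail.de";
    mailTo = "daniel+journalwatch@systemli.org";
    #interval = "hourly";
    # Lowest priority of message to be considered. A value between 7 ("debug"), and 0 ("emerg"). Defaults to 6 ("info"). If you don't care about anything with "info" priority, you can reduce this to e.g. 5 ("notice") to considerably reduce the amount of messages without needing many filterBlocks.
    # NOTE(review): with 5, anything a service logs only at info (6) or debug (7)
    # is never mailed, regardless of filterBlocks. Check the level of the events
    # you rely on for alerting with `journalctl -p` before trusting the digest.
    priority = 5;
    # Default patterns: https://github.com/The-Compiler/journalwatch/blob/363725ac4b8aa841d87654fa8a63403a59ad1275/journalwatch.py#L71
    # If the value of `match` starts and ends with a slash, it is interpreted as a regular expression, if not, it's an exact match.
    # `filters` are always regular expressions.
    # All regular expressions have to match the full string!
    #
    # Every filter below removes matching entries from the mail, so each one is a
    # monitoring blind spot by design. Keep patterns as narrow as the noise they
    # are meant to silence.
    filterBlocks = [
      #
      # _SYSTEMD_UNIT
      #
      { # yodaTux
        # NOTE(review): `.*` drops every message of these units, including
        # errors and warnings. Narrow it if these services matter on this host.
        filters = ''
          .*
        '';
        # `\\.` is needed in a double-quoted Nix string: a single backslash before
        # `.` is consumed by Nix and the regex would see a bare `.` (any character).
        match = "_SYSTEMD_UNIT=/(bluetooth\\.service|cups\\.service)/";
      }
      { # yodaYoga
        # Only pre-authentication key-exchange noise is suppressed here; other
        # sshd messages at notice level or above are still mailed.
        filters = ''
          # Somebody evil trying to connect over SSH ^^
          error: kex_exchange_identification: read: Connection reset by peer
          # Somebody evil connected with a non-SSH client to the SSH server.
          error: kex_exchange_identification: banner line contains invalid characters
          # Somebody evil ...
          error: kex_exchange_identification: client sent invalid protocol identifier "GET / HTTP/1.1"
          error: kex_exchange_identification: Connection closed by remote host
        '';
        match = "_SYSTEMD_UNIT=sshd.service";
      }
      { # yodaTux, yodaYoga
        filters = ''
          The system will suspend now!
          System is powering down\.
        '';
        match = "_SYSTEMD_UNIT=systemd-logind.service";
      }
      { # yodaTux
        filters = ''
          Reexecuting\.
          (finished )?switching to system configuration /nix/store/.+-nixos-system-.+-[0-9]+\.[0-9]+pre-git
        '';
        match = "_SYSTEMD_UNIT=user@0.service";
      }
      { # yodaTux
        filters = ''
          Reexecuting\.
          (finished )?switching to system configuration /nix/store/.+-nixos-system-.+-[0-9]+\.[0-9]+pre-git
        '';
        match = "_SYSTEMD_UNIT=user@1000.service";
      }
      { # yodaTux
        filters = ''
          Reloading rules
          Collecting garbage unconditionally\.\.\.
          Loading rules from directory /.+
          Finished loading, compiling and executing [0-9]+ rules
        '';
        match = "_SYSTEMD_UNIT=polkit.service";
      }
      { # yodaTux
        filters = ''
          .+error name="org\.bluez\.MediaEndpoint1\.Error\.NotImplemented".+
          # Open issue: https://github.com/NixOS/nixpkgs/issues/79220
          Unknown username .+ in message bus configuration file
        '';
        match = "_SYSTEMD_UNIT=dbus.service";
      }
      { # yodaTux
        filters = ''
          Mounted /dev/\S+ at /\S+ on behalf of uid [0-9]+
          Cleaning up mount point /\S+ \(device \S+ is not mounted\)
          Unmounted /dev/\S+ on behalf of uid [0-9]+
          Successfully sent SCSI command SYNCHRONIZE CACHE to /dev/\S+
          Successfully sent SCSI command START STOP UNIT to /dev/\S+
          Powered off /dev/\S+ - successfully wrote to sysfs path /sys/devices/\S+
        '';
        match = "_SYSTEMD_UNIT=udisks2.service";
      }
      #
      # SYSLOG_IDENTIFIER
      #
      { # yodaTux. If the user `yoda` runs a command with `sudo`.
        # NOTE(review): this hides every root command `yoda` runs from pts/1 or
        # pts/7, so the digest no longer shows privilege use by that account; the
        # records remain available via `journalctl -t sudo`. The pts numbers are
        # session-dependent, so the same commands from another terminal are mailed.
        filters = ''
          \s+yoda : TTY=pts/1 ; PWD=/\S+ ; USER=root ; COMMAND=/.+
          \s+yoda : TTY=pts/7 ; PWD=/\S+ ; USER=root ; COMMAND=/.+
        '';
        match = "SYSLOG_IDENTIFIER=sudo";
      }
      { # yodaYoga
        filters = ''
          (finished )?switching to system configuration /nix/store/.+-nixos-system-.+-[0-9]+\.[0-9]+pre-git
        '';
        match = "SYSLOG_IDENTIFIER=nixos";
      }
      { # yodaYoga
        filters = ''
          docker\.service: Consumed [0-9]+h [0-9]+min [0-9]+\.[0-9]+s CPU time, read [0-9]+\.[0-9]+M from disk, written [0-9]+\.[0-9]+G to disk, received [0-9]+\.[0-9]+M IP traffic, sent [0-9]+\.[0-9]+M IP traffic\.
          #
          Shutting down\.
        '';
        match = "SYSLOG_IDENTIFIER=systemd";
      }
      { # yodaTux
        # NOTE(review): `.*` drops everything logged under this identifier.
        filters = ''
          .*
        '';
        match = "SYSLOG_IDENTIFIER=//nix/store/.+/libexec/gdm-x-session/";
      }
      { # yodaTux
        # The `[sda]` tag and the `(4096 bytes)` suffix are escaped below. Left
        # unescaped, `[sda]` is a character class matching one of s/d/a and `( )`
        # is a group, so the full-string match never succeeded and these lines
        # were still mailed.
        filters = ''
          # Bug.
          ACPI: FW issue: working around C-state latencies out of order
          # Kernel WiFi driver bug.
          #iwlwifi 0000:01:00.0: .*
          # Ignore.
          random: crng reseeded on system resumption
          # Ignore.
          sd 2:0:0:0: \[sda\] [0-9]+ 512-byte logical blocks: \([0-9]+ GB/[0-9]+ GiB\)
          sd 2:0:0:0: \[sda\] Write Protect is off
          sd 2:0:0:0: \[sda\] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
          sd 2:0:0:0: \[sda\] Optimal transfer size [0-9]+ bytes not a multiple of preferred minimum block size \(4096 bytes\)
          sd 2:0:0:0: \[sda\] Attached SCSI disk
        '';
        match = "SYSLOG_IDENTIFIER=kernel";
      }
      { # yodaTux
        # NOTE(review): `.*` drops everything logged under this identifier.
        filters = ''
          .*
        '';
        match = "SYSLOG_IDENTIFIER=simple-scan";
      }
      #
      # _SYSTEMD_USER_UNIT
      #
      { # yodaTux
        filters = ''
          .+Setting AttentionNeeded to FALSE because EnsureCredentials\(\) succeded
        '';
        match = "_SYSTEMD_USER_UNIT=dbus.service";
      }
      { # yodaTux
        # NOTE(review): `.*` drops every message of the matched user units.
        filters = ''
          .*
        '';
        # `\\.` for the same reason as in the bluetooth/cups block: Nix would
        # otherwise strip the backslash and leave an unescaped `.` in the regex.
        match = "_SYSTEMD_USER_UNIT=/(org\\.gnome\\..+\\.service|pipewire\\.service|wireplumber\\.service)/";
      }
    ];
  };
}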