feat: adding network syslog quickstart

install/network/syslog/install.yml

@@ -0,0 +1,16 @@
+id: network-syslog
+name: Syslog
+title: Network Syslog collection
+description: |
+  Install NPM for syslog collection using a simple Docker container.
+
+target:
+  type: agent
+  destination: host
+  os:
+    - linux
+
+install:
+  mode: link
+  destination:
+    url: https://docs.newrelic.com/docs/network-performance-monitoring/setup-performance-monitoring/network-syslog-monitoring/

quickstarts/network-syslog/config.yml

@@ -0,0 +1,45 @@
+# Name of the quickstart (required)
+name: network-syslog
+
+# Displayed in the UI (required)
+title: Network Syslog
+
+# Long-form description of the quickstart (required)
+description: |
+  The Network Syslog quickstart provides a dashboard that gives you a holistic view of collected syslogs from your network.
+  Use this quickstart together with New Relic's Network Performance Monitoring (NPM) feature to analyze and alert on system messages in your network.
+
+# Displayed in search results and recommendations. Summarizes a quickstarts functionality.
+summary: |
+  Syslog monitoring from NPM gives you valuable insights into potential issues and changes within your network.
+
+# Support level: New Relic | Verified | Community (required)
+level: Verified
+
+# Authors of the quickstart (required)
+authors:
+  - New Relic
+  - Zack Mutchler
+
+# Keywords for filtering / searching criteria in the UI
+keywords:
+  - npm
+  - network
+  - networking
+  - logging
+  - ktranslate
+  - kentik
+  - featured
+  - infrastructure
+
+documentation:
+  - name: Network syslog installation docs
+    url: https://docs.newrelic.com/docs/network-performance-monitoring/setup-performance-monitoring/network-syslog-monitoring/
+    description: |
+      Install NPM for syslog collection using a simple Docker container.
+
+installPlans:
+  - network-syslog
+
+# Content / Design
+logo: logo.svg

quickstarts/network-syslog/dashboards/network-syslog.json

@@ -0,0 +1,221 @@
+{
+  "name": "Network Syslog Overview",
+  "description": null,
+  "pages": [
+    {
+      "name": "Network Syslog Overview",
+      "description": null,
+      "widgets": [
+        {
+          "visualization": {
+            "id": "viz.billboard"
+          },
+          "layout": {
+            "column": 1,
+            "row": 1,
+            "height": 1,
+            "width": 3
+          },
+          "title": "",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT rate(count(*), 1 MINUTE) AS 'Messages/min, Compared with Yesterday' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' COMPARE WITH 24 HOURS AGO"
+              }
+            ],
+            "thresholds": []
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.area"
+          },
+          "layout": {
+            "column": 4,
+            "row": 1,
+            "height": 4,
+            "width": 3
+          },
+          "title": "Top 10 - Messages per Device",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "facet": {
+              "showOtherSeries": false
+            },
+            "legend": {
+              "enabled": true
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT rate(count(*), 1 MINUTE) AS 'Messages/min' FACET device_name WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' TIMESERIES LIMIT 10"
+              }
+            ]
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.pie"
+          },
+          "layout": {
+            "column": 7,
+            "row": 1,
+            "height": 4,
+            "width": 3
+          },
+          "title": "Messages by Severity",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "facet": {
+              "showOtherSeries": false
+            },
+            "legend": {
+              "enabled": true
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT count(*) AS 'Syslog' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' FACET CASES (WHERE severity = 0 AS 'Emergency', WHERE severity = 1 AS 'Alert', WHERE severity = 2 AS 'Critical', WHERE severity = 3 AS 'Error', WHERE severity = 4 AS 'Warning', WHERE severity = 5 AS 'Notice', WHERE severity = 6 AS 'Informational', WHERE severity = 7 AS 'Debug' ) "
+              }
+            ]
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.pie"
+          },
+          "layout": {
+            "column": 10,
+            "row": 1,
+            "height": 4,
+            "width": 3
+          },
+          "title": "Messages by Facility",
+          "rawConfiguration": {
+            "facet": {
+              "showOtherSeries": false
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT count(*) AS 'Syslog' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' FACET CASES (WHERE facility = 0 AS 'kernel messages', WHERE facility = 1 AS 'user-level messages', WHERE facility = 2 AS 'mail system', WHERE facility = 3 AS 'system daemons', WHERE facility = 4 AS 'security/authorization messages', WHERE facility = 5 AS 'internal syslog', WHERE facility = 6 AS 'line printer subsystem', WHERE facility = 7 AS 'network news subsystem', WHERE facility = 8 AS 'UUCP subsystem', WHERE facility = 9 AS 'clock daemon', WHERE facility = 10 AS 'security/authorization messages', WHERE facility = 11 AS 'FTP daemon', WHERE facility = 12 AS 'NTP subsystem', WHERE facility = 13 AS 'log audit', WHERE facility = 14 AS 'log alert', WHERE facility = 15 AS 'clock daemon', WHERE facility = 16 AS 'local0', WHERE facility = 17 AS 'local1', WHERE facility = 18 AS 'local2', WHERE facility = 19 AS 'local3', WHERE facility = 20 AS 'local4', WHERE facility = 21 AS 'local5', WHERE facility = 22 AS 'local6', WHERE facility = 23 AS 'local7')"
+              }
+            ]
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.area"
+          },
+          "layout": {
+            "column": 1,
+            "row": 2,
+            "height": 3,
+            "width": 3
+          },
+          "title": "Total Messages/min",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "legend": {
+              "enabled": false
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT rate(count(*), 1 MINUTE) AS 'Messages/min' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' TIMESERIES "
+              }
+            ]
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.table"
+          },
+          "layout": {
+            "column": 1,
+            "row": 5,
+            "height": 5,
+            "width": 12
+          },
+          "title": "Syslog Messages",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "facet": {
+              "showOtherSeries": false
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT timestamp, device_name, client, message WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' LIMIT MAX"
+              }
+            ]
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.table"
+          },
+          "layout": {
+            "column": 1,
+            "row": 10,
+            "height": 4,
+            "width": 4
+          },
+          "title": "Top 5 - Message Patterns",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "facet": {
+              "showOtherSeries": false
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT uniqueCount(messageId) AS 'COUNT' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' AND newrelic.logPattern != 'nr.DID_NOT_MATCH' FACET newrelic.logPattern AS 'LOG PATTERN' LIMIT 5"
+              }
+            ]
+          },
+          "linkedEntityGuids": null
+        },
+        {
+          "visualization": {
+            "id": "viz.area"
+          },
+          "layout": {
+            "column": 5,
+            "row": 10,
+            "height": 4,
+            "width": 8
+          },
+          "title": "Top 5 - Message Patterns",
+          "rawConfiguration": {
+            "dataFormatters": [],
+            "facet": {
+              "showOtherSeries": false
+            },
+            "legend": {
+              "enabled": true
+            },
+            "nrqlQueries": [
+              {
+                "accountId": 0,
+                "query": "FROM Log SELECT uniqueCount(messageId) AS 'COUNT' WHERE instrumentation.provider = 'kentik' AND plugin.type = 'ktranslate-syslog' AND newrelic.logPattern != 'nr.DID_NOT_MATCH' FACET newrelic.logPattern AS 'LOG PATTERN' TIMESERIES LIMIT 5"
+              }
+            ],
+            "yAxisLeft": {
+              "zero": true
+            }
+          },
+          "linkedEntityGuids": null
+        }
+      ]
+    }
+  ]
+}