LogLynx Веб-интерфейс для анализа логов

Makefile

@@ -267,6 +267,7 @@ docker-compose-up: ## Запустить кластер (3 ноды)
 	@echo "Grafana: http://localhost:3000"
 	@echo "ObserverWeb: http://localhost:4000/observer/"
 	@echo "Traefik: http://localhost:8080"
+	@echo "LogLynx: http://localhost:6123"
 
 docker-compose-down: ## Остановить кластер
 	@echo "Остановка кластера..."

docker/docker-compose.yml

@@ -1,22 +1,26 @@
 # docker/docker-compose.yml
 services:
-  # ================== Балансировщик нагрузки (HTTPS/WSS) ==================
+  # ================== Балансировщик (HTTPS/WSS, WAF, логи) ==================
   traefik:
     image: traefik:latest
-    user: "0:1001"   # группа docker на хосте (подберите под свою систему, см. ls -la /var/run/docker.sock)
+    user: "0:1001"   # группа docker на хосте
     command:
-      - "--api.insecure=true"                                      # дашборд (можно удалить в production)
+      - "--api.insecure=true"
       - "--providers.docker=true"
       - "--providers.docker.exposedbydefault=false"
-      - "--providers.file.filename=/etc/traefik/dynamic_conf.yml" # самоподписанный сертификат, редирект и failover
-      - "--entrypoints.web.address=:80"                            # HTTP (для редиректа)
-      - "--entrypoints.websecure.address=:443"                    # HTTPS/WSS
-      # Метрики Prometheus
+      - "--providers.file.filename=/etc/traefik/dynamic_conf.yml"
+      - "--entrypoints.web.address=:80"
+      - "--entrypoints.websecure.address=:443"
+      # Метрики
       - "--metrics.prometheus=true"
       - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0"
       - "--metrics.prometheus.addEntryPointsLabels=true"
       - "--metrics.prometheus.addServicesLabels=true"
-      # --- Coraza WAF ---
+      # Логи доступа (JSON)
+      - "--accesslog=true"
+      - "--accesslog.filepath=/var/log/traefik/access.log"
+      - "--accesslog.format=json"
+      # Coraza WAF
       - "--experimental.plugins.coraza.modulename=github.com/jcchavezs/coraza-http-wasm-traefik"
       - "--experimental.plugins.coraza.version=v0.2.0"
     ports:
@@ -26,13 +30,14 @@ services:
       - "8080:8080"
     volumes:
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
-      - "./traefik/certs:/etc/traefik/certs:ro"                    # самоподписанный сертификат
+      - "./traefik/certs:/etc/traefik/certs:ro"
       - "./traefik/dynamic_conf.yml:/etc/traefik/dynamic_conf.yml:ro"
+      - "traefik-logs:/var/log/traefik"                 # для LogLynx
     networks:
       - eventhub-net
     restart: unless-stopped
 
-  # ================== Сервис-заглушка для Failover ==================
+  # ================== Сервис-заглушка (Failover) ==================
   fallback:
     build:
       context: ./fallback
@@ -132,6 +137,23 @@ services:
       - "3000:3000"
     restart: unless-stopped
 
+  # ================== Аналитика логов ==================
+  loglynx:
+    image: k0lin/loglynx:latest
+    user: root
+    restart: unless-stopped
+    ports:
+      - "6123:6123"
+    volumes:
+      - traefik-logs:/app/traefik/logs:ro
+      - loglynx-data:/app/data
+    environment:
+      - TRAEFIK_LOG_PATH=${TRAEFIK_LOG_PATH}
+      - SERVER_PORT=6123
+      - DATABASE_PATH=/app/data/loglynx.db
+    networks:
+      - eventhub-net
+
   # ================== Инструмент отладки ==================
   observer_web:
     build:
@@ -145,7 +167,6 @@ services:
       - "4000:4000"
     restart: unless-stopped
 
-# ================== Сети и тома ==================
 networks:
   eventhub-net:
     driver: bridge
@@ -155,4 +176,6 @@ volumes:
   eventhub-node2-data:
   eventhub-node3-data:
   prometheus-data:
-  grafana-data:
+  grafana-data:
+  traefik-logs:
+  loglynx-data:

docker/traefik/dynamic_conf.yml

@@ -27,7 +27,7 @@ http:
             - "SecRule ARGS \"@rx (union|select|insert|drop|alter)\" \"id:102,phase:2,log,deny,status:403\""
 
   routers:
-    # --- REST API пользователей ---
+    # REST API пользователей
     api:
       rule: "Host(`api.eventhub.local`)"
       entryPoints: ["web"]
@@ -40,7 +40,7 @@ http:
       middlewares: ["waf"]
       service: "api"
 
-    # --- WebSocket пользователей ---
+    # WebSocket пользователей (без WAF)
     ws:
       rule: "Host(`ws.eventhub.local`)"
       entryPoints: ["web"]
@@ -52,7 +52,7 @@ http:
       tls: true
       service: "ws"
 
-    # --- Админский REST ---
+    # Админский REST
     admin-api:
       rule: "Host(`admin.eventhub.local`)"
       entryPoints: ["web"]
@@ -65,7 +65,7 @@ http:
       middlewares: ["waf"]
       service: "admin-api"
 
-    # --- Админский WebSocket ---
+    # Админский WebSocket (без WAF)
     admin-ws:
       rule: "Host(`admin-ws.eventhub.local`)"
       entryPoints: ["web"]
@@ -78,7 +78,7 @@ http:
       service: "admin-ws"
 
   services:
-    # === Пользовательский REST API (failover) ===
+    # Пользовательский REST API (failover)
     api:
       failover:
         service: api-live
@@ -98,7 +98,7 @@ http:
         servers:
           - url: "http://fallback:80"
 
-    # === WebSocket пользователей ===
+    # Пользовательский WebSocket
     ws:
       loadbalancer:
         servers:
@@ -106,7 +106,7 @@ http:
           - url: "http://eventhub-node2:8081"
           - url: "http://eventhub-node3:8081"
 
-    # === Админский REST (failover) ===
+    # Админский REST (failover)
     admin-api:
       failover:
         service: admin-api-live
@@ -126,7 +126,7 @@ http:
         servers:
           - url: "http://fallback:80"
 
-    # === Админский WebSocket ===
+    # Админский WebSocket
     admin-ws:
       loadbalancer:
         servers: