parent
9cc6250994
commit
14d5caa4b4
@ -0,0 +1,3 @@
|
||||
ansible_python_interpreter: /usr/bin/python3
|
||||
interactive: yes
|
||||
ansible_user: ubuntu
|
@ -0,0 +1,10 @@
|
||||
---
|
||||
sysloghost_netsys_port: "514"
|
||||
sysloghost_netcons_port: "5514"
|
||||
sysloghost_nettemp_port: "5515"
|
||||
sysloghost_all_ports:
|
||||
- "{{ sysloghost_netsys_port }}"
|
||||
- "{{ sysloghost_netcons_port }}"
|
||||
- "{{ sysloghost_nettemp_port }}"
|
||||
|
||||
sysloghost_share_mountpoint: ""
|
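Review bot: `sysloghost_share_mountpoint` defaults to an empty string, and the syslog-ng template in this commit prefixes the three NAS destinations with it, so an unset value renders paths such as `/$HOST.syslog.log.…` at the filesystem root instead of failing the play. Dropping the variable from the defaults (so the template errors on an undefined value) or adding an `assert` task that requires a non-empty absolute path would make the misconfiguration visible before syslog-ng starts writing. A short comment above each port variable saying which source it feeds (`# standard syslog`, `# netconsole`, `# short-lived logs`) would also help the next reader.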
@ -0,0 +1,5 @@
|
||||
---
|
||||
- name: restart syslog-ng
|
||||
service:
|
||||
name: syslog-ng
|
||||
state: restarted
|
@ -0,0 +1,6 @@
|
||||
* syslog role
|
||||
skeleton build out right now.
|
||||
|
||||
** shit to fix
|
||||
- [ ] move away from NFS, but that's a wider problem
|
||||
- [ ] mount the synology as part of the play.
|
@ -0,0 +1,35 @@
|
||||
---
|
||||
- name: Install syslog-ng etc
|
||||
apt:
|
||||
name:
|
||||
- logrotate
|
||||
- syslog-ng
|
||||
- nsf-common # required for mounting the idiot nfs thing over idiot nfs, the worst fs.
|
||||
state: latest
|
||||
|
||||
|
||||
- name: Configure firewall (Ubuntu)
|
||||
block:
|
||||
- name: Configure syslog UDP ports (Ubuntu)
|
||||
ufw: port={{ item }} proto=udp rule=allow
|
||||
with_items: "{{ sysloghost_all_ports }}"
|
||||
- name: Configure syslog TCP ports (Ubuntu)
|
||||
ufw: port={{ item }} proto=tcp rule=allow
|
||||
with_items: "{{ sysloghost_all_ports }}"
|
||||
when: ansible_distribution == "Ubuntu"
|
||||
|
||||
- name: Apply syslog-ng configuration
|
||||
template:
|
||||
src: syslog-ng.conf.j2
|
||||
dest: /etc/syslog-ng/syslog-ng.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0644"
|
||||
notify: restart syslog-ng
|
||||
|
||||
|
||||
|
||||
- name: Start syslog-ng
|
||||
service:
|
||||
name: syslog-ng
|
||||
state: started
|
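Review bot: Both ufw tasks in the firewall block allow every port in `sysloghost_all_ports` from any source address, on UDP and TCP, so the collector accepts syslog from anything that can route to it. The rules should be limited to the sender networks with the module's `src` parameter. The fence shows the UDP task in block YAML with a placeholder variable for the allowed source, and the TCP task takes the same change. Separately, the install task lists `nsf-common`, which looks like a typo for `nfs-common` and would make the apt task fail, and `state: latest` upgrades packages on every run where `state: present` keeps the play repeatable. The template task could also carry `validate: 'syslog-ng --syntax-only --cfgfile %s'` so a bad render never replaces the live config.

```yaml
# … unchanged: package install task …
- name: Configure syslog UDP ports (Ubuntu)
  ufw:
    rule: allow
    port: "{{ item }}"
    proto: udp
    src: "{{ sysloghost_allowed_src }}"  # placeholder variable: CIDR of the log senders
  with_items: "{{ sysloghost_all_ports }}"
# … TCP task: same change with proto: tcp …
# … unchanged: template and service tasks …
```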
@ -0,0 +1,106 @@
|
||||
@version:3.25
|
||||
@include "scl.conf"
|
||||
|
||||
# syslog-ng configuration file.
|
||||
# See syslog-ng(8) and syslog-ng.conf(5) for more information.
|
||||
# Note: it also sources additional configuration files (*.conf)
|
||||
# located in /etc/syslog-ng/conf.d/
|
||||
|
||||
|
||||
#
|
||||
# Options
|
||||
#
|
||||
options {
|
||||
flush_lines (0);
|
||||
time_reopen (10);
|
||||
log_fifo_size (1000);
|
||||
chain_hostnames (off);
|
||||
use_dns (no);
|
||||
use_fqdn (no);
|
||||
create_dirs (yes);
|
||||
keep_hostname (yes);
|
||||
};
|
||||
|
||||
|
||||
#
|
||||
# Sources
|
||||
#
|
||||
|
||||
# Local system logs
|
||||
source s_sys { system(); internal(); };
|
||||
|
||||
# Remote system logs, standard syslog ports on TCP/UDP
|
||||
source s_netsys { udp(port({{ sysloghost_netsys_port }})); tcp(port({{ sysloghost_netsys_port }})); };
|
||||
|
||||
# Remote netconsole logs, Linux kernel messages over the network
|
||||
source s_netcons { udp(port({{ sysloghost_netcons_port }})); tcp(port({{ sysloghost_netcons_port }})); };
|
||||
|
||||
# Remote temporal logs, stuff that might log often and be archived for only a short time
|
||||
source s_nettemp { udp(port({{ sysloghost_nettemp_port }})); tcp(port({{ sysloghost_nettemp_port }})); };
|
||||
|
||||
|
||||
#
|
||||
# Destinations
|
||||
#
|
||||
destination d_cons { file("/dev/console"); };
|
||||
destination d_mesg { file("/var/log/messages"); };
|
||||
destination d_auth { file("/var/log/secure"); };
|
||||
destination d_mail { file("/var/log/maillog" flush_lines(10)); };
|
||||
destination d_spol { file("/var/log/spooler"); };
|
||||
destination d_boot { file("/var/log/boot.log"); };
|
||||
destination d_cron { file("/var/log/cron"); };
|
||||
destination d_kern { file("/var/log/kern"); };
|
||||
destination d_localall { file("/var/log/localall.log"); };
|
||||
destination d_mlal { usertty("*"); };
|
||||
|
||||
destination d_nas_syslog { file("{{ sysloghost_share_mountpoint }}/$HOST.syslog.log.$R_YEAR$R_MONTH$R_DAY"); };
|
||||
destination d_nas_netcons { file("{{ sysloghost_share_mountpoint }}/$HOST.netconsole.log.$R_YEAR$R_MONTH$R_DAY"); };
|
||||
destination d_nas_localtest { file("/var/log/all.log.$R_YEAR$R_MONTH$R_DAY"); };
|
||||
destination d_nas_nettemp { file("{{ sysloghost_share_mountpoint }}/$HOST.temporal.log.$R_YEAR$R_MONTH$R_DAY"); };
|
||||
|
||||
|
||||
#
|
||||
# Filters
|
||||
#
|
||||
filter f_kernel { facility(kern); };
|
||||
filter f_default { level(info..emerg) and
|
||||
not (facility(mail)
|
||||
or facility(authpriv)
|
||||
or facility(cron)); };
|
||||
filter f_auth { facility(authpriv); };
|
||||
filter f_mail { facility(mail); };
|
||||
filter f_emergency { level(emerg); };
|
||||
filter f_news { facility(uucp) or
|
||||
(facility(news)
|
||||
and level(crit..emerg)); };
|
||||
filter f_boot { facility(local7); };
|
||||
filter f_cron { facility(cron); };
|
||||
|
||||
|
||||
#
|
||||
# Logs
|
||||
#
|
||||
#log { source(s_sys); filter(f_kernel); destination(d_cons); };
|
||||
log { source(s_sys); filter(f_kernel); destination(d_kern); };
|
||||
log { source(s_sys); filter(f_default); destination(d_mesg); };
|
||||
log { source(s_sys); filter(f_auth); destination(d_auth); };
|
||||
log { source(s_sys); filter(f_mail); destination(d_mail); };
|
||||
log { source(s_sys); filter(f_emergency); destination(d_mlal); };
|
||||
log { source(s_sys); filter(f_news); destination(d_spol); };
|
||||
log { source(s_sys); filter(f_boot); destination(d_boot); };
|
||||
log { source(s_sys); filter(f_cron); destination(d_cron); };
|
||||
|
||||
log { source(s_sys); destination(d_localall); destination(d_nas_syslog); };
|
||||
log { source(s_netsys); destination(d_nas_syslog); };
|
||||
log { source(s_netcons); destination(d_nas_netcons); };
|
||||
log { source(s_nettemp); destination(d_nas_nettemp); };
|
||||
|
||||
|
||||
#
|
||||
# Other
|
||||
#
|
||||
# Source additional configuration files (.conf extension only)
|
||||
@include "/etc/syslog-ng/conf.d/*.conf"
|
||||
|
||||
|
||||
# vim:ft=syslog-ng:ai:si:ts=4:sw=4:et:
|
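Review bot: The three `d_nas_*` destinations that write to the share build their file name from `$HOST` while the options block sets `keep_hostname (yes)`, so the name comes from the hostname field of each received message, and the network sources accept that field unauthenticated over UDP and TCP. A misbehaving or spoofing sender can therefore append to another host's log file or cause an unbounded number of new files on the share. Consider adding `check_hostname (yes);` to the options block and keying the path on the connection address (`$SOURCEIP`) rather than the claimed name. `@version:3.25` is also fixed here while the install task uses `state: latest`, so the declared config version and the installed package can drift apart.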