configure managed hosts to forward syslog messages to logs.xai-corp.net via udp
This commit is contained in:
@@ -36,6 +36,13 @@
|
|||||||
|
|
||||||
- datadog_api_key: ca0faf176c4aedd4f547ed7cf85615eb
|
- datadog_api_key: ca0faf176c4aedd4f547ed7cf85615eb
|
||||||
|
|
||||||
|
- rsyslog:
|
||||||
|
user: root
|
||||||
|
group: root
|
||||||
|
service: rsyslog
|
||||||
|
configs:
|
||||||
|
- 49-shiptograylog
|
||||||
|
|
||||||
# prepare python for ansible
|
# prepare python for ansible
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
|
- raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal)
|
||||||
@@ -53,6 +60,7 @@
|
|||||||
roles:
|
roles:
|
||||||
- novuso.users
|
- novuso.users
|
||||||
- user-richard
|
- user-richard
|
||||||
|
- rsyslog
|
||||||
# - Datadog.datadog #does not support armhf architecture. should switch to fluentd or logstash
|
# - Datadog.datadog #does not support armhf architecture. should switch to fluentd or logstash
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
|
|||||||
8
roles/rsyslog/defaults/main.yml
Normal file
8
roles/rsyslog/defaults/main.yml
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
# default values
|
||||||
|
|
||||||
|
rsyslog:
|
||||||
|
user: root
|
||||||
|
group: root
|
||||||
|
service: rsyslog
|
||||||
|
configs: []
|
||||||
9
roles/rsyslog/handlers/main.yml
Normal file
9
roles/rsyslog/handlers/main.yml
Normal file
@@ -0,0 +1,9 @@
|
|||||||
|
---
|
||||||
|
# handlers/main.yml
|
||||||
|
# define handlers here
|
||||||
|
|
||||||
|
- name: restart rsyslog
|
||||||
|
service: name={{ rsyslog.service }} state=restarted
|
||||||
|
|
||||||
|
- name: stop rsyslog
|
||||||
|
service: name={{ rsyslog.service }} state=stopped
|
||||||
15
roles/rsyslog/tasks/main.yml
Normal file
15
roles/rsyslog/tasks/main.yml
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
---
|
||||||
|
# main tasks for rsyslog config
|
||||||
|
|
||||||
|
- debug: var=rsyslog
|
||||||
|
|
||||||
|
- name: copy custom configs
|
||||||
|
template:
|
||||||
|
src: "{{ item }}.j2"
|
||||||
|
dest: /etc/rsyslog.d/{{ item }}.conf
|
||||||
|
owner: "{{ rsyslog.user }}"
|
||||||
|
group: "{{ rsyslog.group }}"
|
||||||
|
mode: 0644
|
||||||
|
with_items: "{{rsyslog.configs}}"
|
||||||
|
notify:
|
||||||
|
- restart rsyslog
|
||||||
1
roles/rsyslog/templates/49-shiptograylog.j2
Normal file
1
roles/rsyslog/templates/49-shiptograylog.j2
Normal file
@@ -0,0 +1 @@
|
|||||||
|
*.* @logs.xai-corp.net:514
|
||||||
68
roles/rsyslog/templates/50-default.conf
Normal file
68
roles/rsyslog/templates/50-default.conf
Normal file
@@ -0,0 +1,68 @@
|
|||||||
|
# Default rules for rsyslog.
|
||||||
|
#
|
||||||
|
# For more information see rsyslog.conf(5) and /etc/rsyslog.conf
|
||||||
|
|
||||||
|
#
|
||||||
|
# First some standard log files. Log by facility.
|
||||||
|
#
|
||||||
|
auth,authpriv.* /var/log/auth.log
|
||||||
|
*.*;auth,authpriv.none -/var/log/syslog
|
||||||
|
#cron.* /var/log/cron.log
|
||||||
|
#daemon.* -/var/log/daemon.log
|
||||||
|
kern.* -/var/log/kern.log
|
||||||
|
#lpr.* -/var/log/lpr.log
|
||||||
|
mail.* -/var/log/mail.log
|
||||||
|
#user.* -/var/log/user.log
|
||||||
|
|
||||||
|
#
|
||||||
|
# Logging for the mail system. Split it up so that
|
||||||
|
# it is easy to write scripts to parse these files.
|
||||||
|
#
|
||||||
|
#mail.info -/var/log/mail.info
|
||||||
|
#mail.warn -/var/log/mail.warn
|
||||||
|
mail.err /var/log/mail.err
|
||||||
|
|
||||||
|
#
|
||||||
|
# Logging for INN news system.
|
||||||
|
#
|
||||||
|
news.crit /var/log/news/news.crit
|
||||||
|
news.err /var/log/news/news.err
|
||||||
|
news.notice -/var/log/news/news.notice
|
||||||
|
|
||||||
|
#
|
||||||
|
# Some "catch-all" log files.
|
||||||
|
#
|
||||||
|
#*.=debug;\
|
||||||
|
# auth,authpriv.none;\
|
||||||
|
# news.none;mail.none -/var/log/debug
|
||||||
|
#*.=info;*.=notice;*.=warn;\
|
||||||
|
# auth,authpriv.none;\
|
||||||
|
# cron,daemon.none;\
|
||||||
|
# mail,news.none -/var/log/messages
|
||||||
|
|
||||||
|
#
|
||||||
|
# Emergencies are sent to everybody logged in.
|
||||||
|
#
|
||||||
|
*.emerg :omusrmsg:*
|
||||||
|
|
||||||
|
#
|
||||||
|
# I like to have messages displayed on the console, but only on a virtual
|
||||||
|
# console I usually leave idle.
|
||||||
|
#
|
||||||
|
#daemon,mail.*;\
|
||||||
|
# news.=crit;news.=err;news.=notice;\
|
||||||
|
# *.=debug;*.=info;\
|
||||||
|
# *.=notice;*.=warn /dev/tty8
|
||||||
|
|
||||||
|
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
|
||||||
|
# you must invoke `xconsole' with the `-file' option:
|
||||||
|
#
|
||||||
|
# $ xconsole -file /dev/xconsole [...]
|
||||||
|
#
|
||||||
|
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
|
||||||
|
# busy site..
|
||||||
|
#
|
||||||
|
daemon.*;mail.*;\
|
||||||
|
news.err;\
|
||||||
|
*.=debug;*.=info;\
|
||||||
|
*.=notice;*.=warn |/dev/xconsole
|
||||||
Reference in New Issue
Block a user