ansible/roles/rsyslog_common/templates/99-common.conf.j2

109 lines
3 KiB
Text
Raw Normal View History

2021-03-01 01:27:30 +01:00
{{ ansible_managed | comment }}
{%
set output_modules = {
"relp": "omrelp",
"udp": "omfwd",
"redis": "omhiredis",
}
%}
global(
workDirectory="/var/spool/rsyslog"
preserveFQDN="on"
)
# Collect logs via /dev/log
module(load="imuxsock")
# Collect kernel logs
module(load="imklog")
# Collect systemd-journald logs
module(load="imjournal")
# Parse CEE logs
module(load="mmjsonparse")
# Load export modules
{%
for module in rsyslog_outputs
| map(attribute="proto")
| map("extract", output_modules)
| list
| unique
%}
module(load="{{ module }}")
{% endfor %}
# FIXME: Attention, il faut voir si rsyslog arrive bien à créer
# les fichiers de plusieurs jours (le 1er est peut-être crée avant
# de dropper les privilèges, mais les suivants je pense pas).
module(
load="builtin:omfile"
# Format avec dates précises
template="RSYSLOG_FileFormat"
fileOwner="root"
fileGroup="adm"
fileCreateMode="0640"
dirCreateMode="0755"
)
template(name="templateJson" type="list" option.jsonf="on") {
property(outname="hostname_reported" name="hostname" format="jsonf")
property(outname="src" name="fromhost-ip" format="jsonf")
property(outname="facility" name="syslogfacility-text" format="jsonf")
property(outname="program" name="programname" format="jsonf")
property(outname="pid" name="procid" format="jsonf")
property(outname="time_reported" name="timereported" format="jsonf"
dateformat="rfc3339")
property(outname="time_generated" name="timegenerated" format="jsonf"
dateformat="rfc3339")
property(outname="message" name="msg" format="jsonf")
}
ruleset(name="sendLogsToDisk") {
auth,authpriv.* action(type="omfile" file="/var/log/auth.log")
mail.* action(type="omfile" file="/var/log/mail.log" sync="off")
kern.* action(type="omfile" file="/var/log/kern.log")
*.*;auth,authpriv.none action(type="omfile" file="/var/log/syslog.log"
sync="off")
}
# Send logs to remote collector(s)
ruleset(name="sendLogsToRemote") {
{% for output in rsyslog_outputs %}
action(
type="{{ output_modules[output.proto] }}"
{% if output_modules[output.proto] == "omfwd" %}
protocol="{{ output.proto }}"
target="{{ output.address }}"
port="{{ output.port }}"
{% elif output_modules[output.proto] == "omhiredis" %}
server="{{ output.address }}"
serverport="{{ output.port }}"
mode="publish"
key="{{ output.key }}"
template="templateJson"
{% if output.password is defined %}
serverpassword="{{ output.password }}"
{% endif %}
{% elif output_modules[output.proto] == "omrelp" %}
target="{{ output.address }}"
port="{{ output.port }}"
{% endif %}
{% if loop.index > 1 and output.fallback %}
action.execOnlyWhenPreviousIsSuspended="on"
{% endif %}
)
{% endfor %}
}
# Send local logs to files (useful for debugging or if the collector is down)
call sendLogsToDisk
# Send local logs to the remote collector
call sendLogsToRemote