Centralisation des journaux (pas encore Elastic) #40

Manually merged

jeltz merged 24 commits from logs-first-phase into master 2024-07-01 01:55:28 +02:00

Conversation 0 Commits 24 Files changed 30 +486 -2

jeltz commented 2021-03-12 10:23:02 +01:00

Owner

Copy link

No description provided.

jeltz added 22 commits 2021-03-12 10:23:04 +01:00

Add log.adm.auro.re to inventory 89181c6cd6

Add rsyslog_common role 6263c31785

Add rsyslog_collector role 7fd1b5ff5d

Add logging configuration for log.adm.auro.re 4a43bf8a16

Add log.yml playbook 02a8cb84df

Fix the ordering of rsyslog.d files ... ba8b4e8c29

A call to sendLogsToRemote for logs received through RELP/UDP has
been added (to send them to Logstash/Redis/…), so common.conf's prefix
must be lower than collector.conf's.

Note: future "third-party" config files will also call sendLogsToRemote
and thus will also have to use a prefix higher than 10.

Add explicit permissions for directories f7183095c1

Compress and delete old remote logs ... c65b3f090b

Logrotate is not used because I didn't found an easy way to configure it
to handle the compression/deletion of log files already rotated by
rsyslog (it is probably possible, but I found the script to be easier).

Fix typo in 20-collector.conf.j2 e4b58c0bf4

Use 'true' instead of 'yes' 9252249d18

Do not rate limit collection of journald logs cdb9f88614

Send nginx logs to local syslog 9547868c7d

Fix typos in rotate-remote-logs.service.j2 acd5721a5b

Remove useless date (already added by journald) 8f815a30c5

Add ignored destinations for firewall logs b13b22da05

Remove 10.129.0.1 gateway on routeur-aurore-* 0f55b90de9

Fix broadcast address on routeur-aurore 1f6bfeee23

Use 'simple' instead of 'oneshot' (rotate service) ee041b9ead

Don't use 'imjournal' ('imuxsock' is already used) ... 529550f594

I still don't understand why it increased the size of the firewall logs
by a factor of 5 to 10, but we don't really need structured logs from
systemd-journald and the author seems to discourage it's use, so I will
not investigate further.

Define rsyslog_{inputs,outputs} for all hosts 5d319cf167

Remove some duplicate logs from syslog.log 77a5fdac6f

Forward journald logs to rsyslog 6525508401

jeltz manually merged commit 11578494ec into master 2021-03-30 07:52:13 +02:00

pz2891 referenced this pull request from a commit 2021-03-30 09:30:29 +02:00

Merge pull request 'Centralisation des journaux (pas encore Elastic)' (#40) from logs-first-phase into master

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: aurore/ansible#40

No description provided.