aurore/ansible
aurore/ansible
11
2
Fork 0
Code Issues1 Pull requests13 Releases Wiki Activity

Centralisation des journaux (pas encore Elastic) #40

Manually merged
jeltz merged 24 commits from logs-first-phase into master 2024-07-01 01:55:28 +02:00
Conversation 0 Commits 24 Files changed 30 +486 -2

24 commits

Author SHA1 Message Date
Jeltz
637b74a2ad Fix some linter issues 2021-03-13 05:05:30 +01:00
Jeltz
f45cd77510 Merge branch 'master' into logs-first-phase 2021-03-13 05:02:30 +01:00
Jeltz
6525508401 Forward journald logs to rsyslog 2021-03-02 01:24:53 +01:00
Jeltz
77a5fdac6f Remove some duplicate logs from syslog.log 2021-03-02 00:56:28 +01:00
Jeltz
5d319cf167 Define rsyslog_{inputs,outputs} for all hosts 2021-03-02 00:52:38 +01:00
Jeltz
529550f594 Don't use 'imjournal' ('imuxsock' is already used) 
I still don't understand why it increased the size of the firewall logs
by a factor of 5 to 10, but we don't really need structured logs from
systemd-journald and the author seems to discourage it's use, so I will
not investigate further.
 2021-03-02 00:46:16 +01:00
Jeltz
ee041b9ead Use 'simple' instead of 'oneshot' (rotate service) 2021-03-02 00:14:25 +01:00
Jeltz
1f6bfeee23 Fix broadcast address on routeur-aurore 2021-03-01 20:04:38 +01:00
Jeltz
0f55b90de9 Remove 10.129.0.1 gateway on routeur-aurore-* 2021-03-01 20:04:02 +01:00
Jeltz
b13b22da05 Add ignored destinations for firewall logs 2021-03-01 19:39:11 +01:00
Jeltz
8f815a30c5 Remove useless date (already added by journald) 2021-03-01 17:47:12 +01:00
Jeltz
acd5721a5b Fix typos in rotate-remote-logs.service.j2 2021-03-01 17:45:17 +01:00
Jeltz
9547868c7d Send nginx logs to local syslog 2021-03-01 17:40:05 +01:00
Jeltz
cdb9f88614 Do not rate limit collection of journald logs 2021-03-01 16:31:52 +01:00
Jeltz
9252249d18 Use 'true' instead of 'yes' 2021-03-01 04:15:54 +01:00
Jeltz
e4b58c0bf4 Fix typo in 20-collector.conf.j2 2021-03-01 04:07:17 +01:00
Jeltz
c65b3f090b Compress and delete old remote logs 
Logrotate is not used because I didn't found an easy way to configure it
to handle the compression/deletion of log files already rotated by
rsyslog (it is probably possible, but I found the script to be easier).
 2021-03-01 03:58:58 +01:00
Jeltz
f7183095c1 Add explicit permissions for directories 2021-03-01 02:26:22 +01:00
Jeltz
ba8b4e8c29 Fix the ordering of rsyslog.d files 
A call to sendLogsToRemote for logs received through RELP/UDP has
been added (to send them to Logstash/Redis/…), so common.conf's prefix
must be lower than collector.conf's.

Note: future "third-party" config files will also call sendLogsToRemote
and thus will also have to use a prefix higher than 10.
 2021-03-01 02:15:28 +01:00
Jeltz
02a8cb84df Add log.yml playbook 2021-03-01 01:29:16 +01:00
Jeltz
4a43bf8a16 Add logging configuration for log.adm.auro.re 2021-03-01 01:28:30 +01:00
Jeltz
7fd1b5ff5d Add rsyslog_collector role 2021-03-01 01:27:56 +01:00
Jeltz
6263c31785 Add rsyslog_common role 2021-03-01 01:27:30 +01:00
Jeltz
89181c6cd6 Add log.adm.auro.re to inventory 2021-02-28 22:59:36 +01:00