Centralisation des journaux (pas encore Elastic) #40
4 changed files with 85 additions and 0 deletions
4
roles/rsyslog_collector/defaults/main.yml
Normal file
4
roles/rsyslog_collector/defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
rsyslog_inputs: []
|
||||
rsyslog_collector_base_dir: /var/log/remote
|
||||
...
|
4
roles/rsyslog_collector/meta/main.yml
Normal file
4
roles/rsyslog_collector/meta/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: rsyslog_common
|
||||
...
|
24
roles/rsyslog_collector/tasks/main.yml
Normal file
24
roles/rsyslog_collector/tasks/main.yml
Normal file
|
@ -0,0 +1,24 @@
|
|||
---
|
||||
- name: Install rsyslog-relp if needed
|
||||
become: true
|
||||
apt:
|
||||
name: rsyslog-relp
|
||||
state: latest
|
||||
when: "rsyslog_inputs | selectattr('proto', 'eq', 'relp') | list"
|
||||
|
||||
- name: Ensure log storage directory exists
|
||||
become: true
|
||||
file:
|
||||
path: "{{ rsyslog_collector_base_dir }}"
|
||||
state: directory
|
||||
|
||||
- name: Deploy rsyslog input configuration file
|
||||
become: true
|
||||
template:
|
||||
src: 10-collector.conf.j2
|
||||
dest: /etc/rsyslog.d/10-collector.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: u=rw,g=r,o=r
|
||||
notify: Restart rsyslog
|
||||
...
|
53
roles/rsyslog_collector/templates/10-collector.conf.j2
Normal file
53
roles/rsyslog_collector/templates/10-collector.conf.j2
Normal file
|
@ -0,0 +1,53 @@
|
|||
{{ ansible_managed | comment }}
|
||||
|
||||
module(load="mmrm1stspace")
|
||||
|
||||
{%
|
||||
set input_modules = {
|
||||
"relp": "imrelp",
|
||||
"udp": "imudp",
|
||||
}
|
||||
%}
|
||||
|
||||
{%
|
||||
for module in rsyslog_inputs
|
||||
| map(attribute="proto")
|
||||
| map("extract", input_modules)
|
||||
| list
|
||||
| unique
|
||||
%}
|
||||
module(load="{{ module }}")
|
||||
{% endfor %}
|
||||
|
||||
template(name="incomingFilename" type="list") {
|
||||
constant(value="{{ rsyslog_collector_base_dir }}/")
|
||||
property(name="fromhost-ip")
|
||||
constant(value="/")
|
||||
property(name="timegenerated" dateFormat="year")
|
||||
constant(value="-")
|
||||
property(name="timegenerated" dateFormat="month")
|
||||
constant(value="-")
|
||||
property(name="timegenerated" dateFormat="day")
|
||||
constant(value=".log")
|
||||
}
|
||||
|
||||
ruleset(name="handleIncomingLogs") {
|
||||
action(type="mmrm1stspace")
|
||||
action(
|
||||
type="omfile"
|
||||
dynaFile="incomingFilename"
|
||||
template="RSYSLOG_FileFormat"
|
||||
)
|
||||
}
|
||||
|
||||
# TODO: add protocol-specific options (eg. TLS)
|
||||
{% for input in rsyslog_inputs %}
|
||||
input(
|
||||
type="{{ input_modules[input.proto] }}"
|
||||
{% if "address" in input %}
|
||||
address="{{ input.address }}"
|
||||
{% endif %}
|
||||
port="{{ input.port }}"
|
||||
ruleset="handleIncomingLogs"
|
||||
)
|
||||
{% endfor %}
|
Loading…
Reference in a new issue