Rework a bit the remote receiver setup (UDP/TCP server support) wrt #7

Alessio Cassibba (x-drum)
2017-03-16 11:20:12 +01:00
parent 9c63ee5557
commit 97f3a46cef
4 changed files with 56 additions and 11 deletions


@@ -36,6 +36,16 @@ and configuration can be overridden, for additional informations please have a l
**rsyslog_action_file_template**: Define a custom template for file logging (default: RSYSLOG_TraditionalFileFormat) **rsyslog_action_file_template**: Define a custom template for file logging (default: RSYSLOG_TraditionalFileFormat)
**rsyslog_priv_drop_to_user**: Drop root privileges and switch to given user (default: root) **rsyslog_priv_drop_to_user**: Drop root privileges and switch to given user (default: root)
**rsyslog_priv_drop_to_group**: Drop root privileges and switch to given group (default: root) **rsyslog_priv_drop_to_group**: Drop root privileges and switch to given group (default: root)
**rsyslog_server_udp**: Enable a simple UDP server receiver (default: False)
**rsyslog_server_udp_name**: Assign a name to the given receiver (default: "imudp")
**rsyslog_server_udp_port**: Specifies the port the server shall listen to (default: "514")
**rsyslog_server_udp_address**: Local ip address the udp server should listen (default: "0.0.0.0")
**rsyslog_server_udp_ratelimit**: The rate-limiting interval in seconds (default: "5")
**rsyslog_server_tcp**: Enable a simple TCP server receiver (default: False)
**rsyslog_server_tcp_name**: Assign a name to the given receiver (default: "imtcp")
**rsyslog_server_tcp_port**: Specifies the port the server shall listen to (default: "514")
**rsyslog_server_tcp_address**: Local ip address the tcp server should listen **POSSIBLY BROKEN** (default: "0.0.0.0")
**rsyslog_server_tcp_ratelimit**: The rate-limiting interval in seconds (default: "5")
Additional Role Variables: Additional Role Variables:
-------------- --------------
@@ -61,7 +71,6 @@ Example Playbook
```yaml ```yaml
- hosts: all - hosts: all
remote_user: root remote_user: root
sudo: no
vars: vars:
rsyslog_default_config: False rsyslog_default_config: False
roles: roles:
@@ -76,23 +85,33 @@ Example Playbook
- 'if $programname == "dovecot" and $syslogseverity <= "6" then ~' - 'if $programname == "dovecot" and $syslogseverity <= "6" then ~'
- '& ~' - '& ~'
``` ```
3) Install rsyslog, and specify a custom configuration template 3) Install rsyslog, specify a custom configuration template
```yaml ```yaml
- hosts: all - hosts: all
remote_user: root remote_user: root
sudo: no
vars: vars:
rsyslog_default_config: False rsyslog_default_config: False
rsyslog_custom_config: /home/servers/foo.bar/templates/rsyslog_custom.j2 rsyslog_custom_config: /home/servers/foo.bar/templates/rsyslog_custom.j2
roles: roles:
- role: rsyslog - role: rsyslog
``` ```
4) Enable rsyslog server
4) Install rsyslog using official repository packages, use major release 7
```
- hosts: all
remote_user: root
roles:
- { role: rsyslog, "use_repo": True, "repo_releasever": 7 }
```
5) Enable a simple rsyslog UDP server (receiver) for remote logging
```yaml ```yaml
- hosts: all - hosts: all
vars:
roles: roles:
- { role: ../../roles/ansible-rsyslog-custom, "rsyslog_server": yes } - role: rsyslog
rsyslog_server_udp_port: 514
rsyslog_server_udp_address: 192.168.200.201
``` ```
License License


@@ -16,6 +16,14 @@ use_repo: False
repo_releasever: 8 repo_releasever: 8
items: [] items: []
rsyslog_default_config: "True" rsyslog_default_config: "True"
rsyslog_server_udp: False
rsyslog_server_udp_name: "imudp"
rsyslog_server_udp_port: "514"
rsyslog_server_udp_address: "0.0.0.0"
rsyslog_server_udp_ratelimit: "5"
rsyslog_server_tcp: False
rsyslog_server_tcp_name: "imtcp"
rsyslog_server_tcp_port: "514"
rsyslog_server_tcp_address: "0.0.0.0"
rsyslog_server_tcp_ratelimit: "5"
rsyslog_os_supported: no rsyslog_os_supported: no
#rsyslog_server: no
rsyslog_network_port: "514"
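Review bot: `rsyslog_server_udp_address` and `rsyslog_server_tcp_address` both default to `"0.0.0.0"`, so setting only `rsyslog_server_udp: True` or `rsyslog_server_tcp: True` puts a plain, unauthenticated syslog listener on every interface of the host. Keeping both flags off by default is the right choice, but the wide bind should be stated next to the address defaults. I would add a comment above them such as `# 0.0.0.0 binds every interface; set a management address and restrict the port by firewall when enabling a receiver`.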


@@ -25,9 +25,16 @@ $PrivDropToUser {{ rsyslog_priv_drop_to_user }}
$PrivDropToGroup {{ rsyslog_priv_drop_to_group }} $PrivDropToGroup {{ rsyslog_priv_drop_to_group }}
{% endif %} {% endif %}
{% if rsyslog_server is defined %} {% if rsyslog_server_udp %}
$ModLoad imtcp module(load="imudp")
$InputTCPServerRun {{ rsyslog_network_port }} input(type="imudp" inputname="{{ rsyslog_server_udp_name }}" port="{{ rsyslog_server_udp_port }}" address="{{ rsyslog_server_udp_address }}"
ratelimit.interval="{{ rsyslog_server_udp_ratelimit }}" SchedulingPolicy="fifo" )
{% endif %}
{% if rsyslog_server_tcp %}
module(load="imtcp" MaxSessions="500")
input(type="imtcp" name="{{ rsyslog_server_tcp_name }}" port="{{ rsyslog_server_tcp_port }}" address="{{ rsyslog_server_tcp_address }}"
ratelimit.interval="{{ rsyslog_server_tcp_ratelimit }}" )
{% endif %} {% endif %}
$IncludeConfig {{ rsyslog_include_path }}/*.conf $IncludeConfig {{ rsyslog_include_path }}/*.conf
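Review bot: The new guards `{% if rsyslog_server_udp %}` and `{% if rsyslog_server_tcp %}` test raw truthiness, so a value that arrives as a string (for example `-e rsyslog_server_udp=false`, or a quoted "no" in inventory) is non-empty and opens the listener anyway; `{% if rsyslog_server_udp | bool %}` and `{% if rsyslog_server_tcp | bool %}` avoid that. Separately, `SchedulingPolicy="fifo"` is placed inside the imudp `input()` statement, while rsyslog documents it as a `module()` parameter as far as I know, so it is worth validating the rendered file with `rsyslogd -N1`; a rejected input would mean the receiver silently never starts. The old `rsyslog_server` / `rsyslog_network_port` switch is also dropped with no fallback, so inventories that still set it will render no receiver after this change. A README note or a deprecation task would make that visible.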


@@ -12,6 +12,17 @@
purge_config: True purge_config: True
use_repo: False use_repo: False
repo_releasever: 7 repo_releasever: 7
rsyslog_action_file_template: "%rawmsg%\n"
rsyslog_server_udp: True
rsyslog_server_udp_name: "testUDPInput"
rsyslog_server_udp_port: "5514"
rsyslog_server_udp_address: "0.0.0.0"
rsyslog_server_udp_ratelimit: "15"
rsyslog_server_tcp: True
rsyslog_server_tcp_name: "testTCPInput"
rsyslog_server_tcp_port: "9514"
rsyslog_server_tcp_address: "0.0.0.0"
rsyslog_server_tcp_ratelimit: "25"
items: items:
- name: "20-iptables" - name: "20-iptables"
lines: lines: