From 7f069dc47c318e9047a3ae7a29a90f3471610e34 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Wed, 15 Apr 2015 09:36:30 -0700
Subject: fix tapicero & webapp logs: remove heartbeat log check, move to
 /var/log/tapicero, fix webapp logwatch location.

---
 .../site_check_mk/files/agent/logwatch/syslog/tapicero.cfg    | 10 ----------
 .../site_check_mk/files/agent/logwatch/syslog/webapp.cfg      |  5 -----
 .../modules/site_check_mk/files/agent/logwatch/tapicero.cfg   | 11 +++++++++++
 puppet/modules/site_check_mk/files/agent/logwatch/webapp.cfg  |  6 ++++++
 4 files changed, 17 insertions(+), 15 deletions(-)
 delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg
 delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg
 create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg
 create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/webapp.cfg

(limited to 'puppet/modules/site_check_mk/files/agent/logwatch')

diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg
deleted file mode 100644
index e5721eea..00000000
--- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg
+++ /dev/null
@@ -1,10 +0,0 @@
-# Ignore transient Tapicero errors when creating a db (#6511)
- I tapicero.*(Creating database|Checking security of|Writing security to|Uploading design doc to) user-.* failed (\(trying again soon\)|(twice )?due to): (RestClient::Resource Not Found|RestClient::InternalServerError): (404 Resource Not Found|500 Internal Server Error)
- C tapicero.*RestClient::InternalServerError:
-# possible race condition between multiple tapicero
-# instances, so we ignore it
-# see https://leap.se/code/issues/5168
- I tapicero.*RestClient::PreconditionFailed:
- C tapicero.*Creating database.*failed due to:
- C tapicero.*failed
- W tapicero.*Couch stream ended unexpectedly.
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg
deleted file mode 100644
index 00f9c7fd..00000000
--- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg
+++ /dev/null
@@ -1,5 +0,0 @@
-# check for webapp errors
- C webapp.*Could not connect to couch database messages due to 401 Unauthorized: {"error":"unauthorized","reason":"You are not a server admin."}
-# ignore RoutingErrors that rails throw when it can't handle a url
-# see https://leap.se/code/issues/5173
- I webapp.*ActionController::RoutingError
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg
new file mode 100644
index 00000000..f527f120
--- /dev/null
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg
@@ -0,0 +1,11 @@
+/var/log/leap/tapicero.log
+# Ignore transient Tapicero errors when creating a db (#6511)
+ I tapicero.*(Creating database|Checking security of|Writing security to|Uploading design doc to) user-.* failed (\(trying again soon\)|(twice )?due to): (RestClient::Resource Not Found|RestClient::InternalServerError): (404 Resource Not Found|500 Internal Server Error)
+ C tapicero.*RestClient::InternalServerError:
+# possible race condition between multiple tapicero
+# instances, so we ignore it
+# see https://leap.se/code/issues/5168
+ I tapicero.*RestClient::PreconditionFailed:
+ C tapicero.*Creating database.*failed due to:
+ C tapicero.*failed
+ W tapicero.*Couch stream ended unexpectedly.
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/webapp.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/webapp.cfg
new file mode 100644
index 00000000..008e9e09
--- /dev/null
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/webapp.cfg
@@ -0,0 +1,6 @@
+/var/log/leap/webapp.log
+# check for webapp errors
+ C webapp.*Could not connect to couch database messages due to 401 Unauthorized: {"error":"unauthorized","reason":"You are not a server admin."}
+# ignore RoutingErrors that rails throw when it can't handle a url
+# see https://leap.se/code/issues/5173
+ I webapp.*ActionController::RoutingError
-- 
cgit v1.2.3


From bb07407485ed1626221a1190cc2fb2789f95ed22 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Wed, 15 Apr 2015 16:12:11 -0700
Subject: clean up logging mess: add 'logfile' define, mv openvpn and stunnel
 logs to their own files, fix mx logwatch path.

---
 .../modules/site_check_mk/files/agent/logwatch/leap_mx.cfg |  2 +-
 .../modules/site_check_mk/files/agent/logwatch/openvpn.cfg | 14 ++++++++++++++
 .../modules/site_check_mk/files/agent/logwatch/stunnel.cfg | 10 ++++++++++
 .../site_check_mk/files/agent/logwatch/syslog/openvpn.cfg  | 13 -------------
 .../site_check_mk/files/agent/logwatch/syslog/stunnel.cfg  |  9 ---------
 5 files changed, 25 insertions(+), 23 deletions(-)
 create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
 create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/stunnel.cfg
 delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg
 delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg

(limited to 'puppet/modules/site_check_mk/files/agent/logwatch')

diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg
index c71c5392..166d0230 100644
--- a/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg
@@ -1,4 +1,4 @@
-/var/log/leap_mx.log
+/var/log/leap/mx.log
  W Don't know how to deliver mail
  W No public key, stopping the processing chain
 
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
new file mode 100644
index 00000000..ed50f420
--- /dev/null
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/openvpn.cfg
@@ -0,0 +1,14 @@
+/var/log/leap/openvpn.log
+# ignore openvpn TLS initialization errors when clients
+# suddenly hangup before properly establishing
+# a tls connection
+ I ovpn-.*TLS Error: Unroutable control packet received from
+ I ovpn-.*TLS Error: TLS key negotiation failed to occur within 60 seconds \(check your network connectivity\)
+ I ovpn-.*TLS Error: TLS handshake failed
+ I ovpn-.*TLS Error: TLS object -> incoming plaintext read error
+ I ovpn-.*Fatal TLS error \(check_tls_errors_co\), restarting
+ I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate
+
+ I ovpn-.*SIGUSR1\[soft,tls-error\] received, client-instance restarting
+ I ovpn-.*VERIFY ERROR: depth=0, error=certificate has expired
+
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/stunnel.cfg
new file mode 100644
index 00000000..b1e6cf2f
--- /dev/null
+++ b/puppet/modules/site_check_mk/files/agent/logwatch/stunnel.cfg
@@ -0,0 +1,10 @@
+/var/log/leap/stunnel.log
+# check for stunnel failures
+#
+# these are temporary failures and happen very often, so we
+# ignore them until we tuned stunnel timeouts/logging,
+# see https://leap.se/code/issues/5218
+ I stunnel:.*Connection reset by peer
+ I stunnel:.*Peer suddenly disconnected
+ I stunnel:.*Connection refused
+
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg
deleted file mode 100644
index ac17c0ca..00000000
--- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg
+++ /dev/null
@@ -1,13 +0,0 @@
-# ignore openvpn TLS initialization errors when clients
-# suddenly hangup before properly establishing
-# a tls connection
- I ovpn-.*TLS Error: Unroutable control packet received from
- I ovpn-.*TLS Error: TLS key negotiation failed to occur within 60 seconds \(check your network connectivity\)
- I ovpn-.*TLS Error: TLS handshake failed
- I ovpn-.*TLS Error: TLS object -> incoming plaintext read error
- I ovpn-.*Fatal TLS error \(check_tls_errors_co\), restarting
- I ovpn-.*TLS_ERROR: BIO read tls_read_plaintext error: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate
-
- I ovpn-.*SIGUSR1\[soft,tls-error\] received, client-instance restarting
- I ovpn-.*VERIFY ERROR: depth=0, error=certificate has expired
-
diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg
deleted file mode 100644
index eb3131f2..00000000
--- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg
+++ /dev/null
@@ -1,9 +0,0 @@
-# check for stunnel failures
-#
-# these are temporary failures and happen very often, so we
-# ignore them until we tuned stunnel timeouts/logging,
-# see https://leap.se/code/issues/5218
- I stunnel:.*Connection reset by peer
- I stunnel:.*Peer suddenly disconnected
- I stunnel:.*Connection refused
-
-- 
cgit v1.2.3