From c0d0a5a0af891c360dded0c508591cf50899bc66 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 20 Feb 2014 17:07:48 +0100 Subject: now using concanated check_mk logwatch files where needed (#5155) --- .../files/agent/logwatch/logwatch.cfg | 31 ++++++++++++++++++++++ .../site_check_mk/files/agent/logwatch/syslog.cfg | 5 ++++ .../files/agent/logwatch/tapicero.cfg | 1 - .../site_check_mk/manifests/agent/logwatch.pp | 21 ++++++++++++++- .../manifests/agent/logwatch/syslog.pp | 13 +++++++++ .../site_check_mk/manifests/agent/tapicero.pp | 6 +++-- 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg create mode 100644 puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg new file mode 100644 index 00000000..c4acae40 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg @@ -0,0 +1,31 @@ +# This file is managed by Puppet. DO NOT EDIT. + +# logwatch.cfg +# This file configures mk_logwatch. Define your logfiles +# and patterns to be looked for here. + +# Name one or more logfiles +/var/log/messages +# Patterns are indented with one space are prefixed with: +# C: Critical messages +# W: Warning messages +# I: ignore these lines (OK) +# The first match decided. Lines that do not match any pattern +# are ignored + C Fail event detected on md device + I mdadm.*: Rebuild.*event detected + W mdadm\[ + W ata.*hard resetting link + W ata.*soft reset failed (.*FIS failed) + W device-mapper: thin:.*reached low water mark + C device-mapper: thin:.*no free space + +/var/log/auth.log + W sshd.*Corrupted MAC on input + +/var/log/kern.log + C panic + C Oops + W generic protection rip + W .*Unrecovered read error - auto reallocate failed + diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg new file mode 100644 index 00000000..3703b5e1 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg @@ -0,0 +1,5 @@ +/var/log/syslog + C panic + C Oops + W generic protection rip + W .*Unrecovered read error - auto reallocate failed diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg index 9402de9b..4e3808eb 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg @@ -1,4 +1,3 @@ -/var/log/syslog C tapicero.*RestClient::InternalServerError: C tapicero.*RestClient::PreconditionFailed: C tapicero.*failed diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp index 67db5a12..38514af2 100644 --- a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp @@ -8,8 +8,27 @@ class site_check_mk::agent::logwatch { mode => '0755' } + # only config files that watch a distinct logfile should go in logwatch.d/ file { '/etc/check_mk/logwatch.d': - ensure => directory + ensure => directory, + recurse => true, + purge => true, } + # service that share a common logfile (i.e. /var/log/syslog) need to get + # concanated in one file, otherwise the last file sourced will override + # the config before + # see mk_logwatch: "logwatch.cfg overwrites config files in logwatch.d", + # https://leap.se/code/issues/5155 + + # first, we need to deploy a custom logwatch.cfg that doesn't include + # a section about /var/log/syslog + + file { '/etc/check_mk/logwatch.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/logwatch.cfg', + require => Package['check_mk-agent-logwatch'] + } + + include concat::setup + include site_check_mk::agent::logwatch::syslog } diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp new file mode 100644 index 00000000..ac3dda64 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp @@ -0,0 +1,13 @@ +class site_check_mk::agent::logwatch::syslog { + + concat { '/etc/check_mk/logwatch.d/syslog.cfg': + warn => true + } + + concat::fragment { 'syslog_header': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '01'; + } + +} diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp index 088900f4..dc785e52 100644 --- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp +++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp @@ -1,7 +1,9 @@ class site_check_mk::agent::tapicero { - file { '/etc/check_mk/logwatch.d/tapicero.cfg': - source => 'puppet:///modules/site_check_mk/agent/logwatch/tapicero.cfg', + concat::fragment { 'syslog_tapicero': + source => 'puppet:///modules/site_check_mk/agent/logwatch/tapicero.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '02'; } # local nagios plugin checks via mrpe -- cgit v1.2.3