templates/client.conf.erb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

# file is managed by puppet

# An "In-Memory Queue" is created for remote logging.
$WorkDirectory <%= scope.lookupvar('rsyslog::spool_dir') -%>    # where to place spool files
$ActionQueueFileName queue      # unique name prefix for spool files
$ActionQueueMaxDiskSpace <%= scope.lookupvar('rsyslog::client::spool_size') -%>     # spool space limit (use as much as possible)
$ActionQueueSaveOnShutdown on   # save messages to disk on shutdown
$ActionQueueType LinkedList     # run asynchronously
$ActionResumeRetryCount -1      # infinety retries if host is down

<% if scope.lookupvar('rsyslog::client::ssl') -%>
# Setup SSL connection.
# CA/Cert
$DefaultNetStreamDriverCAFile <%= scope.lookupvar('rsyslog::client::ssl_ca') %>

# Connection settings.
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode anon
<% end -%>

<% if scope.lookupvar('rsyslog::client::log_remote') -%>
# Log to remote syslog server using <%= scope.lookupvar('rsyslog::client::remote_type') %>
<% if scope.lookupvar('rsyslog::client::remote_type') == 'tcp' -%>
*.* @@<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;RSYSLOG_ForwardFormat
<% else -%>
*.* @<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;RSYSLOG_ForwardFormat
<% end -%>
<% end -%>

<% if scope.lookupvar('rsyslog::client::log_auth_local') or scope.lookupvar('rsyslog::client::log_local') -%>
# We log locally, restore to default format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
# Log auth messages locally
auth,authpriv.*                 /var/log/auth.log
<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
# Log auth messages locally
auth,authpriv.*                 /var/log/secure
<% end -%>
<% end -%>

<% if scope.lookupvar('rsyslog::client::preserve_fqdn') -%>
# Tell rsyslog to use FQDN and not short server names
$PreserveFQDN on 
<% end -%>

<% if scope.lookupvar('rsyslog::client::log_local') -%>
<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
# First some standard log files.  Log by facility.
#
*.*;auth,authpriv.none         -/var/log/syslog
cron.*                          /var/log/cron.log
daemon.*                       -/var/log/daemon.log
kern.*                         -/var/log/kern.log
#lpr.*                          -/var/log/lpr.log
mail.*                         -/var/log/mail.log
user.*                         -/var/log/user.log

#
# Logging for the mail system.  Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info                      -/var/log/mail.info
mail.warn                      -/var/log/mail.warn
mail.err                        /var/log/mail.err

#
# Logging for INN news system.
#
news.crit                       /var/log/news/news.crit
news.err                        /var/log/news/news.err
news.notice                     -/var/log/news/news.notice

#
# Some "catch-all" log files.
#
*.=debug;\
       auth,authpriv.none;\
       news.none;mail.none     -/var/log/debug
*.=info;*.=notice;*.=warn;\
       auth,authpriv.none;\
       cron,daemon.none;\
       mail,news.none          -/var/log/messages

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
#       news.=crit;news.=err;news.=notice;\
#       *.=debug;*.=info;\
#       *.=notice;*.=warn       /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
# you must invoke `xconsole' with the `-file' option:
#
#    $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
#      busy site..
#
daemon.*;mail.*;\
        news.err;\
        *.=debug;*.=info;\
        *.=notice;*.=warn       |/dev/xconsole
<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                /var/log/messages

# Log all the mail messages in one place.
mail.*                         -/var/log/maillog


# Log cron stuff
cron.*                         /var/log/cron

# Everybody gets emergency messages
*.emerg                        *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                 -/var/log/spooler

# Save boot messages also to boot.log
local7.*                       -/var/log/boot.log
<% end -%>
<% end -%>