1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
|
# An "In-Memory Queue" is created for remote logging.
$WorkDirectory <%= scope.lookupvar('rsyslog::spool_dir') -%> # where to place spool files
$ActionQueueFileName queue # unique name prefix for spool files
$ActionQueueMaxDiskSpace <%= scope.lookupvar('rsyslog::client::spool_size') -%> # spool space limit (use as much as possible)
$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
$ActionQueueType LinkedList # run asynchronously
$ActionResumeRetryCount -1 # infinety retries if host is down
<% if scope.lookupvar('rsyslog::client::log_templates') and ! scope.lookupvar('rsyslog::client::log_templates').empty?-%>
# Define custom logging templates
<% scope.lookupvar('rsyslog::client::log_templates').flatten.compact.each do |log_template| -%>
$template <%= log_template['name'] %>,"<%= log_template['template'] %>"
<% end -%>
<% end -%>
<% if scope.lookupvar('rsyslog::client::actionfiletemplate') -%>
# Using specified format for default logging format:
$ActionFileDefaultTemplate <%= scope.lookupvar('rsyslog::client::actionfiletemplate') %>
<% else -%>
#Using default format for default logging format:
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
<% end -%>
<% if scope.lookupvar('rsyslog::client::ssl') -%>
# Setup SSL connection.
# CA/Cert
$DefaultNetStreamDriverCAFile <%= scope.lookupvar('rsyslog::client::ssl_ca') %>
# Connection settings.
$DefaultNetstreamDriver gtls
$ActionSendStreamDriverMode 1
$ActionSendStreamDriverAuthMode anon
<% end -%>
<% if scope.lookupvar('rsyslog::client::remote_servers') -%>
<% scope.lookupvar('rsyslog::client::remote_servers').flatten.compact.each do |server| -%>
<% if server['pattern'] and server['pattern'] != ''-%>
<% pattern = server['pattern'] -%>
<% else -%>
<% pattern = '*.*' -%>
<% end -%>
<% if server['protocol'] == 'TCP' or server['protocol'] == 'tcp'-%>
<% protocol = '@@' -%>
<% protocol_type = 'TCP' -%>
<% else -%>
<% protocol = '@' -%>
<% protocol_type = 'UDP' -%>
<% end -%>
<% if server['host'] and server['host'] != ''-%>
<% host = server['host'] -%>
<% else -%>
<% host = 'localhost' -%>
<% end -%>
<% if server['port'] and server['port'] != ''-%>
<% port = server['port'] -%>
<% else -%>
<% port = '514' -%>
<% end -%>
<% if server['format'] -%>
<% format = ";#{server['format']}" -%>
<% format_type = server['format'] -%>
<% else -%>
<% format = '' -%>
<% format_type = 'the default' -%>
<% end -%>
# Sending logs that match <%= pattern %> to <%= host %> via <%= protocol_type %> on <%= port %> using <%=format_type %> format.
<%= pattern %> <%= protocol %><%= host %>:<%= port %><%= format %>
<% end -%>
<% elsif scope.lookupvar('rsyslog::client::log_remote') -%>
# Log to remote syslog server using <%= scope.lookupvar('rsyslog::client::remote_type') %>
<% if scope.lookupvar('rsyslog::client::remote_type') == 'tcp' -%>
*.* @@<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;RSYSLOG_ForwardFormat
<% else -%>
*.* @<%= scope.lookupvar('rsyslog::client::server') -%>:<%= scope.lookupvar('rsyslog::client::port') -%>;RSYSLOG_ForwardFormat
<% end -%>
<% end -%>
<% if scope.lookupvar('rsyslog::client::log_auth_local') or scope.lookupvar('rsyslog::client::log_local') -%>
# Logging locally.
<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
# Log auth messages locally
auth,authpriv.* /var/log/auth.log
<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
# Log auth messages locally
auth,authpriv.* /var/log/secure
<% end -%>
<% end -%>
<% if scope.lookupvar('rsyslog::client::log_local') -%>
<% if scope.lookupvar('rsyslog::log_style') == 'debian' -%>
# First some standard log files. Log by facility.
#
*.*;auth,authpriv.none -/var/log/syslog
cron.* /var/log/cron.log
daemon.* -/var/log/daemon.log
kern.* -/var/log/kern.log
#lpr.* -/var/log/lpr.log
mail.* -/var/log/mail.log
user.* -/var/log/user.log
#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info -/var/log/mail.info
mail.warn -/var/log/mail.warn
mail.err /var/log/mail.err
#
# Logging for INN news system.
#
news.crit /var/log/news/news.crit
news.err /var/log/news/news.err
news.notice -/var/log/news/news.notice
#
# Some "catch-all" log files.
#
*.=debug;\
auth,authpriv.none;\
news.none;mail.none -/var/log/debug
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -/var/log/messages
#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8
# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
# busy site..
#
daemon.*;mail.*;\
news.err;\
*.=debug;*.=info;\
*.=notice;*.=warn |/dev/xconsole
<% elsif scope.lookupvar('rsyslog::log_style') == 'redhat' -%>
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg *
# Save news errors of level crit and higher in a special file.
uucp,news.crit -/var/log/spooler
# Save boot messages also to boot.log
local7.* -/var/log/boot.log
<% end -%>
<% end -%>
|