ansible-role-rsyslog

Install rsyslog.

Notes for OpenBSD

Applications in base does not use /dev/log. This is because, instead of syslog(3), they use sendsyslog(2), which was introduced in 5.6 (Socklog on OpenBSD -current).

If you only need to log locally, you still need to include server in rsyslog_mode.

vars:
  rsyslog_mode:
    - local
    - server

The rsyslog package in the ports tree does not enable imfile module. You cannot use it.

Port 514 cannot used with rsyslog_mode == local. The default port for server is 5140.

imudp is broken. Only imtcp is used.

Lastly, rsyslog package does not get much attention in OpenBSD. There would be more bugs.

Requirements

None

Role Variables

Variable	Description	Default
rsyslog_service_name	service name of rsyslog	{{ __rsyslog_service_name }}
rsyslog_package_name	package name of rsyslog	{{ __rsyslog_package_name }}
rsyslog_conf_dir	path to rsyslog.d directory	{{ __rsyslog_conf_dir }}
rsyslog_conf_file	path to rsyslog.conf	{{ __rsyslog_conf_file }}
rsyslog_bin	path to rssylogd binary	{{ __rsyslog_bin }}
rsyslog_mode	array of mode to run as. local acts as local syslog, logs to local files. client acts as a syslog client, forwards logs to remote host. server act as a syslog server, receives logs from remote.	["local"]
rsyslog_remote_servers	array of remote syslog servers in the form of [ remote.example.com:514 ]	[]
rsyslog_default_syslog_service_name	service name of existing syslog service, which will be stopped and disabled	{{ __rsyslog_default_syslog_service_name }}
rsyslog_default_log_files	TBW	{{ __rsyslog_default_log_files }}
rsyslog_config_WorkDirectory	WorkDirectory	/var/spool/rsyslog
rsyslog_config_FileOwner	FileOwner	{{ __rsyslog_config_FileOwner }}
rsyslog_config_FileGroup	FileGroup	{{ __rsyslog_config_FileGroup }}
rsyslog_imfile_inputs	a dict of imfile inputs. see below	{}
rsyslog_server_config_AllowedSender	when rsyslog_mode is 'server', a list of allowed clients	[]
rsyslog_server_config_listen_port	when rsyslog_mode is 'server', a list of ports that rsyslogd will listen on	{{ __rsyslog_server_config_listen_port }}

rsyslog_imfile_inputs

rsyslog_imfile_inputs is a hash of files to read.

rsyslog_imfile_inputs:
  dummy.log:
    path: /tmp/dummy.log
    tag: dummy
    facility: local1

this creates a config flagment like:

input(
  type="imfile"
  File="/tmp/dummy.log"
  Tag="dummy"
  Facility="local1"
)

Debian

Variable	Default
__rsyslog_service_name	rsyslog
__rsyslog_package_name	rsyslog
__rsyslog_conf_file	/etc/rsyslog.conf
__rsyslog_conf_dir	/etc/rsyslog.d
__rsyslog_bin	/usr/sbin/rsyslogd
__rsyslog_default_syslog_service_name	""
__rsyslog_default_log_files	["/var/log/auth.log", "/var/log/cron", "/var/log/debug", "/var/log/maillog", "/var/log/messages", "/var/log/security"]
__rsyslog_config_FileOwner	root
__rsyslog_config_FileGroup	root
__rsyslog_server_config_listen_port	[514]

FreeBSD

Variable	Default
__rsyslog_service_name	rsyslogd
__rsyslog_package_name	rsyslog
__rsyslog_conf_file	/usr/local/etc/rsyslog.conf
__rsyslog_conf_dir	/usr/local/etc/rsyslog.d
__rsyslog_bin	/usr/local/sbin/rsyslogd
__rsyslog_default_syslog_service_name	syslogd
__rsyslog_default_log_files	["/var/log/auth.log", "/var/log/cron", "/var/log/debug", "/var/log/maillog", "/var/log/messages", "/var/log/security"]
__rsyslog_config_FileOwner	root
__rsyslog_config_FileGroup	wheel
__rsyslog_server_config_listen_port	[514]

OpenBSD

Variable	Default
__rsyslog_service_name	rsyslogd
__rsyslog_package_name	rsyslog
__rsyslog_conf_file	/etc/rsyslog.conf
__rsyslog_conf_dir	/etc/rsyslog.d
__rsyslog_bin	/usr/local/sbin/rsyslogd
__rsyslog_default_syslog_service_name	""
__rsyslog_default_log_files	["/var/log/auth.log", "/var/log/cron", "/var/log/debug", "/var/log/maillog", "/var/log/messages", "/var/log/security"]
__rsyslog_config_FileOwner	root
__rsyslog_config_FileGroup	wheel
__rsyslog_server_config_listen_port	[5140]

RedHat

Variable	Default
__rsyslog_service_name	rsyslog
__rsyslog_package_name	rsyslog
__rsyslog_conf_file	/etc/rsyslog.conf
__rsyslog_conf_dir	/etc/rsyslog.d
__rsyslog_bin	/usr/sbin/rsyslogd
__rsyslog_default_syslog_service_name	""
__rsyslog_default_log_files	["/var/log/auth.log", "/var/log/cron", "/var/log/debug", "/var/log/maillog", "/var/log/messages", "/var/log/security"]
__rsyslog_config_FileOwner	root
__rsyslog_config_FileGroup	root
__rsyslog_server_config_listen_port	[514]

Created by yaml2readme.rb

Dependencies

None

Example Playbook

- hosts: localhost
  pre_tasks:
    - file: path=/tmp/dummy.log state=touch
      changed_when: false
  roles:
    - ansible-role-rsyslog
  vars:
    rsyslog_mode: "{% if ansible_os_family == 'OpenBSD' %}[ 'local', 'server', 'client' ]{% else %}[ 'local', 'client' ]{% endif %}"
    rsyslog_remote_servers:
      - 10.0.2.115:514
    rsyslog_imfile_inputs: "{% if ansible_os_family == 'OpenBSD' %}{}{% else %}{ 'dummy.log': { 'path': '/tmp/dummy.log', 'tag': 'dummy', 'facility': 'local1' } }{% endif %}"
    rsyslog_server_config_AllowedSender: "{% if ansible_os_family == 'OpenBSD' %}[ 'UDP, 127.0.0.1' ]{% else %}[]{% endif %}"

    - hosts: servers
      roles:
         - ansible-role-rsyslog
      vars:
        rsyslog_mode:
          - local
          - client
        rsyslog_remote_servers:
          - remote.example.com:514

License

Copyright (c) 2016 Tomoyuki Sakurai <[email protected]>

Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Author Information

Tomoyuki Sakurai [email protected]

This README was created by ansible-role-init