118 lines
3.5 KiB
Plaintext
118 lines
3.5 KiB
Plaintext
# Config generated by Chef - manual edits will be overwritten
|
|
#
|
|
# /etc/rsyslog.conf Configuration file for rsyslog.
|
|
#
|
|
# For more information see
|
|
# /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
|
|
#
|
|
# Default logging rules can be found in /etc/rsyslog.d/50-default.conf
|
|
#
|
|
# Set max message size
|
|
#
|
|
$MaxMessageSize <%= node['rsyslog']['max_message_size'] %>
|
|
|
|
#
|
|
# Preserve FQDN
|
|
#
|
|
$PreserveFQDN <%= node['rsyslog']['preserve_fqdn'] %>
|
|
|
|
#################
|
|
#### MODULES ####
|
|
#################
|
|
|
|
<% if node['rsyslog']['modules'] && !node['rsyslog']['modules'].empty? %>
|
|
<% [*node['rsyslog']['modules']].each do |mod| %>
|
|
$ModLoad <%= mod %>
|
|
<% end %>
|
|
<% end %>
|
|
|
|
<% if node['rsyslog']['server'] -%>
|
|
<% if node['rsyslog']['enable_tls'] && node['rsyslog']['tls_ca_file'] &&
|
|
node['rsyslog']['tls_key_file'] && node['rsyslog']['tls_certificate_file'] -%>
|
|
$DefaultNetstreamDriver gtls
|
|
$DefaultNetstreamDriverCAFile <%= node['rsyslog']['tls_ca_file'] %>
|
|
$DefaultNetstreamDriverCertFile <%= node['rsyslog']['tls_certificate_file'] %>
|
|
$DefaultNetstreamDriverKeyFile <%= node['rsyslog']['tls_key_file'] %>
|
|
|
|
$ModLoad imtcp
|
|
|
|
$InputTCPServerStreamDriverMode 1 # run driver in TLS-only mode
|
|
$InputTCPServerStreamDriverAuthMode <%= node['rsyslog']['tls_auth_mode'] || 'anon' %>
|
|
$InputTCPServerRun <%= node['rsyslog']['port'] %>
|
|
# Provide <%= node['rsyslog']['protocol'].upcase %> log reception
|
|
<% else -%>
|
|
<% if node['rsyslog']['protocol'] =~ /tcp/ %>
|
|
$ModLoad imtcp
|
|
$InputTCPServerRun <%= node['rsyslog']['port'] %>
|
|
<% end -%>
|
|
<% if node['rsyslog']['protocol'] =~ /udp/ %>
|
|
$ModLoad imudp
|
|
$UDPServerAddress <%= node['rsyslog']['bind'] %>
|
|
$UDPServerRun <%= node['rsyslog']['port'] %>
|
|
<% end -%>
|
|
<% end -%>
|
|
<% end -%>
|
|
|
|
###########################
|
|
#### GLOBAL DIRECTIVES ####
|
|
###########################
|
|
|
|
<% if node["rsyslog"]["default_file_template"] -%>
|
|
#
|
|
# Default log format template
|
|
#
|
|
$ActionFileDefaultTemplate <%= node["rsyslog"]["default_file_template"] %>
|
|
<% elsif !node["rsyslog"]["high_precision_timestamps"] -%>
|
|
#
|
|
# Use traditional timestamp format.
|
|
# To enable high precision timestamps, comment out the following line.
|
|
#
|
|
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
|
|
<% end -%>
|
|
|
|
# Filter duplicated messages
|
|
$RepeatedMsgReduction <%= node['rsyslog']['repeated_msg_reduction'] %>
|
|
|
|
#
|
|
# Set temporary directory to buffer syslog queue
|
|
#
|
|
$WorkDirectory <%= node['rsyslog']['working_dir'] %>
|
|
|
|
#
|
|
# Set the default permissions for all log files.
|
|
#
|
|
$FileOwner <%= node['rsyslog']['user'] %>
|
|
$FileGroup <%= node['rsyslog']['group'] %>
|
|
$FileCreateMode 0640
|
|
$DirCreateMode 0755
|
|
$Umask 0022
|
|
<% if node['rsyslog']['priv_seperation'] %>
|
|
$PrivDropToUser <%= node['rsyslog']['priv_user'] || node['rsyslog']['user'] %>
|
|
$PrivDropToGroup <%= node['rsyslog']['priv_group'] || node['rsyslog']['group'] %>
|
|
<% end %>
|
|
<% unless node['rsyslog']['rate_limit_interval'].nil? %>
|
|
#
|
|
# Set the amount of time that is being measured for rate limiting
|
|
#
|
|
$SystemLogRateLimitInterval <%= node['rsyslog']['rate_limit_interval'] %>
|
|
<% end %>
|
|
<% unless node['rsyslog']['rate_limit_burst'].nil? %>
|
|
#
|
|
# Set the amount of messages, that have to occur in the time limit of
|
|
# SystemLogRateLimitInterval, to trigger rate limiting
|
|
#
|
|
$SystemLogRateLimitBurst <%= node['rsyslog']['rate_limit_burst'] %>
|
|
<% end %>
|
|
|
|
#
|
|
# Set other directives
|
|
#
|
|
<% node['rsyslog']['additional_directives'].each_pair do |k,v| %>
|
|
$<%= k %> <%= v %>
|
|
<% end %>
|
|
|
|
#
|
|
# Include all config files in <%= node['rsyslog']['config_prefix'] %>/rsyslog.d/
|
|
#
|
|
$IncludeConfig <%= node['rsyslog']['config_prefix'] %>/rsyslog.d/*.conf
|