From d07cd1e2d31034ebb62d8fb7f6836aa8e7e75827 Mon Sep 17 00:00:00 2001 From: John Dyer Date: Wed, 27 Jun 2012 12:23:02 -0400 Subject: [PATCH 01/30] work in prgress with adding forwrder deff --- definitions/syslog_ng_app.rb | 16 +++--- definitions/syslog_ng_forwarder.rb | 66 ++++++++++++++++++++++++ templates/default/syslog_ng_app.erb | 4 +- templates/default/syslog_ng_forwader.erb | 18 +++++++ 4 files changed, 94 insertions(+), 10 deletions(-) create mode 100644 definitions/syslog_ng_forwarder.rb create mode 100644 templates/default/syslog_ng_forwader.erb diff --git a/definitions/syslog_ng_app.rb b/definitions/syslog_ng_app.rb index 3c077bc..b6a2ee4 100644 --- a/definitions/syslog_ng_app.rb +++ b/definitions/syslog_ng_app.rb @@ -19,7 +19,7 @@ define :syslog_ng_app, :template => "syslog_ng_app.erb" do include_recipe "syslog-ng" - + application = { :name => params[:name], :index => params[:index] || "02", @@ -28,37 +28,37 @@ :port => params[:port] || "514", :log_base => params[:log_base] || node[:syslog_ng][:log_dir] } - + directory "#{application[:log_base]}" do owner node[:syslog_ng][:user] group node[:syslog_ng][:group] mode 00755 action :create end - + directory "#{application[:log_base]}/#{application[:name]}" do owner node[:syslog_ng][:user] group node[:syslog_ng][:group] mode 00755 action :create end - + template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do source params[:template] owner node[:syslog_ng][:user] group node[:syslog_ng][:group] mode 00640 cookbook application[:cookbook] - + if params[:cookbook] cookbook params[:cookbook] end - + variables( :application => application, :params => params ) - + notifies :restart, resources(:service => "syslog-ng"), :immediately end -end \ No newline at end of file +end diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb new file mode 100644 index 0000000..490db12 --- /dev/null +++ b/definitions/syslog_ng_forwarder.rb @@ -0,0 +1,66 @@ +# +# Cookbook Name:: syslog-ng +# Definition:: syslog_ng_app +# +# Copyright 2012, Artem Veremey +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +define :syslog_ng_forwarder, :template => "syslog_ng_forwarder.erb" do + include_recipe "syslog-ng" + + application = { + :destination_type => params[:destination_type] || "file" + :name => params[:name], + :index => params[:index] || "02", + :cookbook => params[:cookbook] || "syslog-ng", + :host => params[:host] || "127.0.0.1", + :port => params[:port] || "514", + :log_base => params[:log_base] || node[:syslog_ng][:log_dir] + } + + directory "#{application[:log_base]}" do + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00755 + action :create + end + + directory "#{application[:log_base]}/#{application[:name]}" do + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00755 + action :create + end + + template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do + source params[:template] + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 + cookbook application[:cookbook] + + if params[:cookbook] + cookbook params[:cookbook] + end + + variables( + :application => application, + :params => params + ) + + notifies :restart, resources(:service => "syslog-ng"), :immediately + end +end +\ diff --git a/templates/default/syslog_ng_app.erb b/templates/default/syslog_ng_app.erb index d030161..b634d86 100644 --- a/templates/default/syslog_ng_app.erb +++ b/templates/default/syslog_ng_app.erb @@ -1,6 +1,6 @@ # Generated by Chef for <%= node[:fqdn] %> # Local modifications will be overwritten. -# +# # <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> # @@ -10,7 +10,7 @@ source s_udp_<%= @application[:name] %> { }; destination d_file_<%= @application[:name] %> { - file("<%= @application[:log_base] %>/<%= @application[:name] %>/default.log" template(t_network)); + <%=@application[:destination_type]%>("<%= @application[:log_base] %>/<%= @application[:name] %>/default.log" template(t_network)); }; log { source(s_udp_<%= @application[:name] %>); filter(f_notdbg); destination(d_file_<%= @application[:name] %>); }; diff --git a/templates/default/syslog_ng_forwader.erb b/templates/default/syslog_ng_forwader.erb new file mode 100644 index 0000000..b634d86 --- /dev/null +++ b/templates/default/syslog_ng_forwader.erb @@ -0,0 +1,18 @@ +# Generated by Chef for <%= node[:fqdn] %> +# Local modifications will be overwritten. +# +# <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> +# + + +source s_udp_<%= @application[:name] %> { + udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); +}; + +destination d_file_<%= @application[:name] %> { + <%=@application[:destination_type]%>("<%= @application[:log_base] %>/<%= @application[:name] %>/default.log" template(t_network)); +}; + +log { source(s_udp_<%= @application[:name] %>); filter(f_notdbg); destination(d_file_<%= @application[:name] %>); }; + +# do not forget the empty line From 37e36dd7a484abcdc9224b9f07be2c493e44892d Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Wed, 27 Jun 2012 14:00:43 -0400 Subject: [PATCH 02/30] Redo defintiions to add forwarder and to add ability to specify log file name --- definitions/syslog_ng_app.rb | 1 + definitions/syslog_ng_forwarder.rb | 4 +++- templates/default/syslog_ng_app.erb | 7 +++++-- .../{syslog_ng_forwader.erb => syslog_ng_forwarder.erb} | 9 ++++++--- 4 files changed, 15 insertions(+), 6 deletions(-) rename templates/default/{syslog_ng_forwader.erb => syslog_ng_forwarder.erb} (53%) diff --git a/definitions/syslog_ng_app.rb b/definitions/syslog_ng_app.rb index b6a2ee4..95b518f 100644 --- a/definitions/syslog_ng_app.rb +++ b/definitions/syslog_ng_app.rb @@ -27,6 +27,7 @@ :host => params[:host] || "127.0.0.1", :port => params[:port] || "514", :log_base => params[:log_base] || node[:syslog_ng][:log_dir] + :log_name => params[:log_name] || "default.log" } directory "#{application[:log_base]}" do diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 490db12..43c00ec 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -21,13 +21,15 @@ include_recipe "syslog-ng" application = { - :destination_type => params[:destination_type] || "file" :name => params[:name], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", + :destination_host => params[:destination_host] + :destination_port => params[:destination_port] :host => params[:host] || "127.0.0.1", :port => params[:port] || "514", :log_base => params[:log_base] || node[:syslog_ng][:log_dir] + :log_name => params[:log_name] || "default.log" } directory "#{application[:log_base]}" do diff --git a/templates/default/syslog_ng_app.erb b/templates/default/syslog_ng_app.erb index b634d86..7bf5c07 100644 --- a/templates/default/syslog_ng_app.erb +++ b/templates/default/syslog_ng_app.erb @@ -10,9 +10,12 @@ source s_udp_<%= @application[:name] %> { }; destination d_file_<%= @application[:name] %> { - <%=@application[:destination_type]%>("<%= @application[:log_base] %>/<%= @application[:name] %>/default.log" template(t_network)); + file("<%= @application[:log_base] %>/<%= @application[:name] %>/<%= @application[:log_name]%>"); }; -log { source(s_udp_<%= @application[:name] %>); filter(f_notdbg); destination(d_file_<%= @application[:name] %>); }; +log { + source(s_udp_<%= @application[:name] %>); + destination(d_file_<%= @application[:name] %>); +}; # do not forget the empty line diff --git a/templates/default/syslog_ng_forwader.erb b/templates/default/syslog_ng_forwarder.erb similarity index 53% rename from templates/default/syslog_ng_forwader.erb rename to templates/default/syslog_ng_forwarder.erb index b634d86..f8c38c6 100644 --- a/templates/default/syslog_ng_forwader.erb +++ b/templates/default/syslog_ng_forwarder.erb @@ -9,10 +9,13 @@ source s_udp_<%= @application[:name] %> { udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); }; -destination d_file_<%= @application[:name] %> { - <%=@application[:destination_type]%>("<%= @application[:log_base] %>/<%= @application[:name] %>/default.log" template(t_network)); +destination d_udp_<%= @application[:name] %> { + udp( "<%= @application[:destination_host] %>" port(@application[:destination_port]) );; }; -log { source(s_udp_<%= @application[:name] %>); filter(f_notdbg); destination(d_file_<%= @application[:name] %>); }; +log { + source(s_udp_<%= @application[:name] %>); + destination(d_udp_<%= @application[:name] %>); +}; # do not forget the empty line From 27f22f1069c9d6f88fd8232dfc029c044ac7ade9 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Wed, 27 Jun 2012 14:01:22 -0400 Subject: [PATCH 03/30] Remove most of base config since not doing system logging --- files/default/00base | 137 ++----------------------------------------- 1 file changed, 4 insertions(+), 133 deletions(-) diff --git a/files/default/00base b/files/default/00base index cd138b6..42907c6 100644 --- a/files/default/00base +++ b/files/default/00base @@ -16,143 +16,14 @@ # options { - flush_lines (0); + sync (0); time_reopen (10); log_fifo_size (1000); long_hostnames (off); - # use_dns (no); - use_dns (yes); - # use_fqdn (yes); + use_dns (no); use_fqdn (no); - create_dirs (no); - # keep_hostname (yes); - keep_hostname (no); - # use_dns(persist_only); - # dns_cache(yes); - # dns_cache_hosts(/etc/hosts2); - sync (0); -}; - -source s_sys { - file ("/proc/kmsg" log_prefix("kernel: ")); - unix-stream ("/dev/log"); - internal(); -}; - -# TCP source example -# source s_tcp { -# tcp(ip(0.0.0.0) port(2000) max-connections(300)); -# }; - -# UDP source exaple -# source s_udp { -# udp(ip(127.0.0.1) port(514)); -# }; - -# Forwarding template -template t_network { - template("$R_ISODATE $HOST $SOURCEIP $FACILITY $LEVEL $MSG\n"); template_escape(no); -}; - -# Vanilla template -template t_message { - template("$MSG\n"); template_escape(no); -}; - -# System logging -destination d_cons { file("/dev/console"); }; -destination d_mesg { file("/var/log/messages"); }; -destination d_auth { file("/var/log/secure"); }; -destination d_mail { file("/var/log/maillog" sync(10)); }; -destination d_spol { file("/var/log/spooler"); }; -destination d_boot { file("/var/log/boot.log"); }; -destination d_cron { file("/var/log/cron"); }; -destination d_kern { file("/var/log/kern"); }; -destination d_mlal { usertty("*"); }; - -# Log to MySQL example -# destination d_mysql { -# sql( -# type(mysql) -# host("localhost") username("syslog") password("sys1100g") -# database("syslog") -# table("logs") -# table("messages_${HOST}_${R_YEAR}${R_MONTH}") -# columns("datetime", "host", "ip", "facility", "priority", "message") -# values("$R_ISODATE", "$HOST", "$SOURCEIP", "$FACILITY", "$LEVEL", "$MSG") -# indexes() -# ); -# }; - -filter f_kernel { - facility(kern); -}; - -filter f_default { - level(info..emerg) and - not (facility(mail) - or facility(authpriv) - or facility(cron)); -}; - -filter f_auth { - facility(authpriv); + create_dirs (yes); + keep_hostname (yes); }; -filter f_mail { - facility(mail); -}; - -filter f_emergency { - level(emerg); -}; - -filter f_news { - facility(uucp) or - (facility(news) and level(crit..emerg)); -}; - -filter f_boot { - facility(local7); -}; - -filter f_cron { - facility(cron); -}; - -filter f_dbg { - level(debug); -}; - -filter f_notdbg { - not (level(debug)); -}; - -# A more complex filter example -# filter f_macchange { -# not ( -# facility(local6) and -# match("ARPMGR-2-MAC_CHANGE") -# ) -# and not ( -# facility(local4) and -# match("sntp_client") -# ) -# and not ( -# level(debug) -# ); -# }; - - -# Bind sources filters and destinations -log { source(s_sys); filter(f_kernel); destination(d_cons); }; -log { source(s_sys); filter(f_kernel); destination(d_kern); }; -log { source(s_sys); filter(f_default); destination(d_mesg); }; -log { source(s_sys); filter(f_auth); destination(d_auth); }; -log { source(s_sys); filter(f_mail); destination(d_mail); }; -log { source(s_sys); filter(f_emergency); destination(d_mlal); }; -log { source(s_sys); filter(f_news); destination(d_spol); }; -log { source(s_sys); filter(f_boot); destination(d_boot); }; -log { source(s_sys); filter(f_cron); destination(d_cron); }; - # Remember to add an empty line at the end of file From 0fccbe0592f7b9a53b3bc61ab7bfc7f1987702f6 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:00:18 -0400 Subject: [PATCH 04/30] Fix syntax in definition. Allow specifying protocol for forwarder --- definitions/syslog_ng_forwarder.rb | 5 +++-- recipes/default.rb | 8 -------- templates/default/syslog_ng_forwarder.erb | 6 +++--- 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 43c00ec..7d1f342 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -24,8 +24,9 @@ :name => params[:name], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", - :destination_host => params[:destination_host] - :destination_port => params[:destination_port] + :destination_host => params[:destination_host], + :destination_port => params[:destination_port] || "514", + :destination_protocol => params[:destination_protocol] || "udp", :host => params[:host] || "127.0.0.1", :port => params[:port] || "514", :log_base => params[:log_base] || node[:syslog_ng][:log_dir] diff --git a/recipes/default.rb b/recipes/default.rb index b6d4ee6..9a7d776 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -51,14 +51,6 @@ action :create end -service "syslog" do - action [ :disable, :stop ] -end - -service "rsyslog" do - action [ :disable, :stop ] -end - service "syslog-ng" do supports :restart => true, :status => true action [ :enable, :start ] diff --git a/templates/default/syslog_ng_forwarder.erb b/templates/default/syslog_ng_forwarder.erb index f8c38c6..1b70446 100644 --- a/templates/default/syslog_ng_forwarder.erb +++ b/templates/default/syslog_ng_forwarder.erb @@ -9,13 +9,13 @@ source s_udp_<%= @application[:name] %> { udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); }; -destination d_udp_<%= @application[:name] %> { - udp( "<%= @application[:destination_host] %>" port(@application[:destination_port]) );; +destination d_<%= @application[:destination_protocol] %>_<%= @application[:name] %> { + <%= @application[:destination_protocol] %>( "<%= @application[:destination_host] %>" port(@application[:destination_port]) );; }; log { source(s_udp_<%= @application[:name] %>); - destination(d_udp_<%= @application[:name] %>); + destination(d_<%= @application[:destination_protocol] %>_<%= @application[:name] %>); }; # do not forget the empty line From 1a5399d3875dd77451aebc5e46c2403d69325194 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:13:14 -0400 Subject: [PATCH 05/30] Recipe for using syslog-ng for system logging --- files/default/01global | 124 +++++++++++++++++++++++++++++++++++++++++ recipes/global.rb | 32 +++++++++++ 2 files changed, 156 insertions(+) create mode 100644 files/default/01global create mode 100644 recipes/global.rb diff --git a/files/default/01global b/files/default/01global new file mode 100644 index 0000000..edfc5f4 --- /dev/null +++ b/files/default/01global @@ -0,0 +1,124 @@ +source s_sys { + file ("/proc/kmsg" log_prefix("kernel: ")); + unix-stream ("/dev/log"); + internal(); +}; + +# TCP source example +# source s_tcp { +# tcp(ip(0.0.0.0) port(2000) max-connections(300)); +# }; + +# UDP source exaple +# source s_udp { +# udp(ip(127.0.0.1) port(514)); +# }; + +# Forwarding template +template t_network { + template("$R_ISODATE $HOST $SOURCEIP $FACILITY $LEVEL $MSG\n"); template_escape(no); +}; + +# Vanilla template +template t_message { + template("$MSG\n"); template_escape(no); +}; + +# System logging +destination d_cons { file("/dev/console"); }; +destination d_mesg { file("/var/log/messages"); }; +destination d_auth { file("/var/log/secure"); }; +destination d_mail { file("/var/log/maillog" sync(10)); }; +destination d_spol { file("/var/log/spooler"); }; +destination d_boot { file("/var/log/boot.log"); }; +destination d_cron { file("/var/log/cron"); }; +destination d_kern { file("/var/log/kern"); }; +destination d_mlal { usertty("*"); }; + +# Log to MySQL example +# destination d_mysql { +# sql( +# type(mysql) +# host("localhost") username("syslog") password("sys1100g") +# database("syslog") +# table("logs") +# table("messages_${HOST}_${R_YEAR}${R_MONTH}") +# columns("datetime", "host", "ip", "facility", "priority", "message") +# values("$R_ISODATE", "$HOST", "$SOURCEIP", "$FACILITY", "$LEVEL", "$MSG") +# indexes() +# ); +# }; + +filter f_kernel { + facility(kern); +}; + +filter f_default { + level(info..emerg) and + not (facility(mail) + or facility(authpriv) + or facility(cron)); +}; + +filter f_auth { + facility(authpriv); +}; + +filter f_mail { + facility(mail); +}; + +filter f_emergency { + level(emerg); +}; + +filter f_news { + facility(uucp) or + (facility(news) and level(crit..emerg)); +}; + +filter f_boot { + facility(local7); +}; + +filter f_cron { + facility(cron); +}; + +filter f_dbg { + level(debug); +}; + +filter f_notdbg { + not (level(debug)); +}; + +# A more complex filter example +# filter f_macchange { +# not ( +# facility(local6) and +# match("ARPMGR-2-MAC_CHANGE") +# ) +# and not ( +# facility(local4) and +# match("sntp_client") +# ) +# and not ( +# level(debug) +# ); +# }; + + +# Bind sources filters and destinations +log { source(s_sys); filter(f_kernel); destination(d_cons); }; +log { source(s_sys); filter(f_kernel); destination(d_kern); }; +log { source(s_sys); filter(f_default); destination(d_mesg); }; +log { source(s_sys); filter(f_auth); destination(d_auth); }; +log { source(s_sys); filter(f_mail); destination(d_mail); }; +log { source(s_sys); filter(f_emergency); destination(d_mlal); }; +log { source(s_sys); filter(f_news); destination(d_spol); }; +log { source(s_sys); filter(f_boot); destination(d_boot); }; +log { source(s_sys); filter(f_cron); destination(d_cron); }; + +# Remember to add an empty line at the end of file + diff --git a/recipes/global.rb b/recipes/global.rb new file mode 100644 index 0000000..26f9690 --- /dev/null +++ b/recipes/global.rb @@ -0,0 +1,32 @@ +# +# Cookbook Name:: syslog-ng +# Recipe:: global +# +# Copyright 2011,2012 Artem Veremey +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +service "syslog" do + action [ :disable, :stop ] +end + +service "rsyslog" do + action [ :disable, :stop ] +end + +cookbook_file "#{node[:syslog_ng][:config_dir]}/conf.d/01global" do + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 +end From 3a68b06bffffad59bca69b8e6928fb8d3d87e9b6 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:41:26 -0400 Subject: [PATCH 06/30] GLobal recipe should include default recipe --- recipes/global.rb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/recipes/global.rb b/recipes/global.rb index 26f9690..fdf9643 100644 --- a/recipes/global.rb +++ b/recipes/global.rb @@ -17,6 +17,8 @@ # limitations under the License. # +include_recipe "syslog-ng" + service "syslog" do action [ :disable, :stop ] end From e9080c30f2d082028c0ee714291ba12789c60834 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:42:01 -0400 Subject: [PATCH 07/30] Forwarder does not need paths --- definitions/syslog_ng_forwarder.rb | 2 -- 1 file changed, 2 deletions(-) diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 7d1f342..745bd99 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -29,8 +29,6 @@ :destination_protocol => params[:destination_protocol] || "udp", :host => params[:host] || "127.0.0.1", :port => params[:port] || "514", - :log_base => params[:log_base] || node[:syslog_ng][:log_dir] - :log_name => params[:log_name] || "default.log" } directory "#{application[:log_base]}" do From a82f1dabb0a7f820343eccc79a50ae67bd8f9722 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:43:34 -0400 Subject: [PATCH 08/30] Explain new definition in README --- README.md | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 56ef09d..818903c 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,20 @@ Description =========== -The Syslog NG cookbook installs and configures syslog-ng service. +The Syslog NG cookbook installs and configures syslog-ng service. There are two recipes + +* syslog-ng enables syslog-ng but does not affect your current syslog configuration +* syslog-ng::global disables your existing syslog and configures syslog-ng to handle system logging + +There are also two definitions + +* syslog_ng_app configures syslog-ng to listen on a udp port and write logs it receives to a file +* syslog_ng_forwarder configures syslog-ng to listen on a udp port and forward logs it receives to another syslog server + +If you want logs both to be written to a file and to be forwarded, you can use the same host and port in each definition. + +The path to logfiles is generated by concatenating log_base, the application name, and log_name. When setting log_base and log_name you can use syslog-ng macros. For example, log_name could be "${YEAR}/${MONTH}/${DAY}/${HOUR}.log" + The cookbook has been written for and tested on CentOS with syslog-ng 2.1.4. Syslog NG can be obtained [here: balabit.com](http://www.balabit.com/downloads/files?path=/syslog-ng/sources/2.1.4). @@ -27,6 +40,16 @@ Usage host "127.0.0.1" port "514" log_base "/var/applogs" + log_name "default.log" + end + + syslog_ng_forwarder application[:name] do + index "03" + host "127.0.0.1" + port "514" + destination_host "example.com" + destination_port "514" + destination_protocol "udp" end From f9ed92e252f140b47e776ed547a2f74c50d0dee3 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:53:40 -0400 Subject: [PATCH 09/30] Rename syslog_ng_app to syslog_ng_file --- README.md | 4 ++-- definitions/{syslog_ng_app.rb => syslog_ng_file.rb} | 4 ++-- templates/default/{syslog_ng_app.erb => syslog_ng_file.rb} | 0 3 files changed, 4 insertions(+), 4 deletions(-) rename definitions/{syslog_ng_app.rb => syslog_ng_file.rb} (95%) rename templates/default/{syslog_ng_app.erb => syslog_ng_file.rb} (100%) diff --git a/README.md b/README.md index 818903c..89e53b2 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ The Syslog NG cookbook installs and configures syslog-ng service. There are two There are also two definitions -* syslog_ng_app configures syslog-ng to listen on a udp port and write logs it receives to a file +* syslog_ng_file configures syslog-ng to listen on a udp port and write logs it receives to a file * syslog_ng_forwarder configures syslog-ng to listen on a udp port and forward logs it receives to another syslog server If you want logs both to be written to a file and to be forwarded, you can use the same host and port in each definition. @@ -35,7 +35,7 @@ Usage ### In a cookbook: include_recipe "syslog-ng" - syslog_ng_app application[:name] do + syslog_ng_file application[:name] do index "02" host "127.0.0.1" port "514" diff --git a/definitions/syslog_ng_app.rb b/definitions/syslog_ng_file.rb similarity index 95% rename from definitions/syslog_ng_app.rb rename to definitions/syslog_ng_file.rb index 95b518f..691b343 100644 --- a/definitions/syslog_ng_app.rb +++ b/definitions/syslog_ng_file.rb @@ -1,6 +1,6 @@ # # Cookbook Name:: syslog-ng -# Definition:: syslog_ng_app +# Definition:: syslog_ng_file # # Copyright 2012, Artem Veremey # @@ -17,7 +17,7 @@ # limitations under the License. # -define :syslog_ng_app, :template => "syslog_ng_app.erb" do +define :syslog_ng_file, :template => "syslog_ng_file.erb" do include_recipe "syslog-ng" application = { diff --git a/templates/default/syslog_ng_app.erb b/templates/default/syslog_ng_file.rb similarity index 100% rename from templates/default/syslog_ng_app.erb rename to templates/default/syslog_ng_file.rb From 4fce9e17fbbfd136b3d688650cb89454fd61cc4d Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 10:55:12 -0400 Subject: [PATCH 10/30] Fix name in forwarder definition --- definitions/syslog_ng_forwarder.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 745bd99..eda7e12 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -1,6 +1,6 @@ # # Cookbook Name:: syslog-ng -# Definition:: syslog_ng_app +# Definition:: syslog_ng_forwarder # # Copyright 2012, Artem Veremey # From 2ac2f92cbf5d0f36543e01d25773bb39333e4894 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 11:27:26 -0400 Subject: [PATCH 11/30] Add logfile compression --- README.md | 1 + definitions/syslog_ng_file.rb | 12 +++++++++++- templates/default/compress_logs.erb | 2 ++ 3 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 templates/default/compress_logs.erb diff --git a/README.md b/README.md index 89e53b2..454af79 100644 --- a/README.md +++ b/README.md @@ -37,6 +37,7 @@ Usage syslog_ng_file application[:name] do index "02" + days_uncompressed "7" host "127.0.0.1" port "514" log_base "/var/applogs" diff --git a/definitions/syslog_ng_file.rb b/definitions/syslog_ng_file.rb index 691b343..bb74a3c 100644 --- a/definitions/syslog_ng_file.rb +++ b/definitions/syslog_ng_file.rb @@ -24,10 +24,11 @@ :name => params[:name], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", + :days_uncompressed => params[:days_uncompressed] || 1 :host => params[:host] || "127.0.0.1", :port => params[:port] || "514", :log_base => params[:log_base] || node[:syslog_ng][:log_dir] - :log_name => params[:log_name] || "default.log" + :log_name => params[:log_name] || "default.log" } directory "#{application[:log_base]}" do @@ -62,4 +63,13 @@ notifies :restart, resources(:service => "syslog-ng"), :immediately end + + template "/etc/cron.daily/#{application[:name]_compress_logs" do + source compress_logs.erb + mode 0755 + owner "root" + group "root" + variables( :application => application ) + end + end diff --git a/templates/default/compress_logs.erb b/templates/default/compress_logs.erb new file mode 100644 index 0000000..b4f906f --- /dev/null +++ b/templates/default/compress_logs.erb @@ -0,0 +1,2 @@ +#!/bin/sh +find "<%= @application[:log_base] %>/<%= @application[:name] %>" -type f ! -mtime '-<%= @application[:days_uncompressed] %>' ! -name '*gz' -exec gzip \{\} \; From 7948146070d860e32128f3d53a8d78b6b63ff065 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 12:49:57 -0400 Subject: [PATCH 12/30] Bump version --- README.md | 9 +++++++++ metadata.rb | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 454af79..942e316 100644 --- a/README.md +++ b/README.md @@ -76,6 +76,15 @@ limitations under the License. Changes ======= +### v 1.1.0 + +* adding a new definition for configuring forwarding +* renaming the defintion that writes files to make that clearer in the name +* in the definition for writing files, allow specifying file name +* in the definition for writing files, compress old log files +* moving system logging configuration from the default recipe to a new recipe + + ### v 1.0.0 * Initial public release diff --git a/metadata.rb b/metadata.rb index a008836..e1507ae 100644 --- a/metadata.rb +++ b/metadata.rb @@ -3,4 +3,4 @@ license "Apache 2.0" description "Installs/Configures syslog-ng" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "1.0.0" +version "1.1.0" From ca69b799f0831c5429780a293a2124587178daed Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 15:01:46 -0400 Subject: [PATCH 13/30] Syntax fixes --- README.md | 4 ++-- definitions/syslog_ng_file.rb | 12 +++++++----- definitions/syslog_ng_forwarder.rb | 15 --------------- .../{syslog_ng_file.rb => syslog_ng_file.erb} | 0 4 files changed, 9 insertions(+), 22 deletions(-) rename templates/default/{syslog_ng_file.rb => syslog_ng_file.erb} (100%) diff --git a/README.md b/README.md index 942e316..8a35791 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Usage ### In a cookbook: include_recipe "syslog-ng" - syslog_ng_file application[:name] do + syslog_ng_file "application_foo" do index "02" days_uncompressed "7" host "127.0.0.1" @@ -44,7 +44,7 @@ Usage log_name "default.log" end - syslog_ng_forwarder application[:name] do + syslog_ng_forwarder "application_foo" do index "03" host "127.0.0.1" port "514" diff --git a/definitions/syslog_ng_file.rb b/definitions/syslog_ng_file.rb index bb74a3c..c69fd41 100644 --- a/definitions/syslog_ng_file.rb +++ b/definitions/syslog_ng_file.rb @@ -20,15 +20,16 @@ define :syslog_ng_file, :template => "syslog_ng_file.erb" do include_recipe "syslog-ng" + application = { :name => params[:name], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", - :days_uncompressed => params[:days_uncompressed] || 1 + :days_uncompressed => params[:days_uncompressed] || 1, :host => params[:host] || "127.0.0.1", :port => params[:port] || "514", - :log_base => params[:log_base] || node[:syslog_ng][:log_dir] - :log_name => params[:log_name] || "default.log" + :log_base => params[:log_base] || node[:syslog_ng][:log_dir], + :log_name => params[:log_name] || "default.log", } directory "#{application[:log_base]}" do @@ -64,8 +65,9 @@ notifies :restart, resources(:service => "syslog-ng"), :immediately end - template "/etc/cron.daily/#{application[:name]_compress_logs" do - source compress_logs.erb + template "/etc/cron.daily/#{application[:name]}_compress_logs" do + source "compress_logs.erb" + cookbook application[:cookbook] mode 0755 owner "root" group "root" diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index eda7e12..54c925c 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -31,20 +31,6 @@ :port => params[:port] || "514", } - directory "#{application[:log_base]}" do - owner node[:syslog_ng][:user] - group node[:syslog_ng][:group] - mode 00755 - action :create - end - - directory "#{application[:log_base]}/#{application[:name]}" do - owner node[:syslog_ng][:user] - group node[:syslog_ng][:group] - mode 00755 - action :create - end - template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do source params[:template] owner node[:syslog_ng][:user] @@ -64,4 +50,3 @@ notifies :restart, resources(:service => "syslog-ng"), :immediately end end -\ diff --git a/templates/default/syslog_ng_file.rb b/templates/default/syslog_ng_file.erb similarity index 100% rename from templates/default/syslog_ng_file.rb rename to templates/default/syslog_ng_file.erb From 0f83e4bf321088bcdba05ce0c47482c5d40870c0 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Thu, 28 Jun 2012 15:49:17 -0400 Subject: [PATCH 14/30] Template erb fixes --- templates/default/syslog_ng_forwarder.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/default/syslog_ng_forwarder.erb b/templates/default/syslog_ng_forwarder.erb index 1b70446..ab4f00c 100644 --- a/templates/default/syslog_ng_forwarder.erb +++ b/templates/default/syslog_ng_forwarder.erb @@ -10,7 +10,7 @@ source s_udp_<%= @application[:name] %> { }; destination d_<%= @application[:destination_protocol] %>_<%= @application[:name] %> { - <%= @application[:destination_protocol] %>( "<%= @application[:destination_host] %>" port(@application[:destination_port]) );; + <%= @application[:destination_protocol] %>( "<%= @application[:destination_host] %>" port(<%= @application[:destination_port] %>) ); }; log { From 09e7f8a9bd8e55c5eaff701e3c725b40b5fb9e26 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Fri, 29 Jun 2012 17:36:58 -0400 Subject: [PATCH 15/30] Break source out into own definition --- README.md | 27 +++++++----- definitions/syslog_ng_file.rb | 3 +- definitions/syslog_ng_forwarder.rb | 3 +- definitions/syslog_ng_source.rb | 51 +++++++++++++++++++++++ metadata.rb | 2 +- templates/default/syslog_ng_file.erb | 7 +--- templates/default/syslog_ng_forwarder.erb | 7 +--- templates/default/syslog_ng_source.erb | 11 +++++ 8 files changed, 84 insertions(+), 27 deletions(-) create mode 100644 definitions/syslog_ng_source.rb create mode 100644 templates/default/syslog_ng_source.erb diff --git a/README.md b/README.md index 8a35791..bee42df 100644 --- a/README.md +++ b/README.md @@ -6,12 +6,11 @@ The Syslog NG cookbook installs and configures syslog-ng service. There are two * syslog-ng enables syslog-ng but does not affect your current syslog configuration * syslog-ng::global disables your existing syslog and configures syslog-ng to handle system logging -There are also two definitions +There are also three definitions -* syslog_ng_file configures syslog-ng to listen on a udp port and write logs it receives to a file -* syslog_ng_forwarder configures syslog-ng to listen on a udp port and forward logs it receives to another syslog server - -If you want logs both to be written to a file and to be forwarded, you can use the same host and port in each definition. +* syslog_ng_source configures syslog-ng to listen on a udp port +* syslog_ng_file configures syslog-ng to write logs it receives to a file +* syslog_ng_forwarder configures syslog-ng to forward logs it receives to another syslog server The path to logfiles is generated by concatenating log_base, the application name, and log_name. When setting log_base and log_name you can use syslog-ng macros. For example, log_name could be "${YEAR}/${MONTH}/${DAY}/${HOUR}.log" @@ -35,19 +34,23 @@ Usage ### In a cookbook: include_recipe "syslog-ng" - syslog_ng_file "application_foo" do + syslog_ng_source "source_foo" do index "02" - days_uncompressed "7" host "127.0.0.1" port "514" + end + + syslog_ng_file "application_foo" do + index "03" + source_name "source_foo" + days_uncompressed "7" log_base "/var/applogs" log_name "default.log" end syslog_ng_forwarder "application_foo" do - index "03" - host "127.0.0.1" - port "514" + index "04" + source_name "source_foo" destination_host "example.com" destination_port "514" destination_protocol "udp" @@ -76,6 +79,10 @@ limitations under the License. Changes ======= +### v 1.2.0 + +* Break source out into its own definition + ### v 1.1.0 * adding a new definition for configuring forwarding diff --git a/definitions/syslog_ng_file.rb b/definitions/syslog_ng_file.rb index c69fd41..931d8a7 100644 --- a/definitions/syslog_ng_file.rb +++ b/definitions/syslog_ng_file.rb @@ -25,9 +25,8 @@ :name => params[:name], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", + :source_name => params[:source_name], :days_uncompressed => params[:days_uncompressed] || 1, - :host => params[:host] || "127.0.0.1", - :port => params[:port] || "514", :log_base => params[:log_base] || node[:syslog_ng][:log_dir], :log_name => params[:log_name] || "default.log", } diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 54c925c..3a68d40 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -24,11 +24,10 @@ :name => params[:name], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", + :source_name => params[:source_name], :destination_host => params[:destination_host], :destination_port => params[:destination_port] || "514", :destination_protocol => params[:destination_protocol] || "udp", - :host => params[:host] || "127.0.0.1", - :port => params[:port] || "514", } template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do diff --git a/definitions/syslog_ng_source.rb b/definitions/syslog_ng_source.rb new file mode 100644 index 0000000..712b5ae --- /dev/null +++ b/definitions/syslog_ng_source.rb @@ -0,0 +1,51 @@ +# +# Cookbook Name:: syslog-ng +# Definition:: syslog_ng_file +# +# Copyright 2012, Artem Veremey +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +define :syslog_ng_source, :template => "syslog_ng_source.erb" do + include_recipe "syslog-ng" + + + application = { + :name => params[:name], + :index => params[:index] || "02", + :cookbook => params[:cookbook] || "syslog-ng", + :host => params[:host] || "127.0.0.1", + :port => params[:port] || "514", + } + + template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do + source params[:template] + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 + cookbook application[:cookbook] + + if params[:cookbook] + cookbook params[:cookbook] + end + + variables( + :application => application, + :params => params + ) + + notifies :restart, resources(:service => "syslog-ng"), :immediately + end + +end diff --git a/metadata.rb b/metadata.rb index e1507ae..bff3633 100644 --- a/metadata.rb +++ b/metadata.rb @@ -3,4 +3,4 @@ license "Apache 2.0" description "Installs/Configures syslog-ng" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "1.1.0" +version "1.2.0" diff --git a/templates/default/syslog_ng_file.erb b/templates/default/syslog_ng_file.erb index 7bf5c07..05a4feb 100644 --- a/templates/default/syslog_ng_file.erb +++ b/templates/default/syslog_ng_file.erb @@ -4,17 +4,12 @@ # <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> # - -source s_udp_<%= @application[:name] %> { - udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); -}; - destination d_file_<%= @application[:name] %> { file("<%= @application[:log_base] %>/<%= @application[:name] %>/<%= @application[:log_name]%>"); }; log { - source(s_udp_<%= @application[:name] %>); + source(s_udp_<%= @application[:source_name] %>); destination(d_file_<%= @application[:name] %>); }; diff --git a/templates/default/syslog_ng_forwarder.erb b/templates/default/syslog_ng_forwarder.erb index ab4f00c..57cabbf 100644 --- a/templates/default/syslog_ng_forwarder.erb +++ b/templates/default/syslog_ng_forwarder.erb @@ -4,17 +4,12 @@ # <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> # - -source s_udp_<%= @application[:name] %> { - udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); -}; - destination d_<%= @application[:destination_protocol] %>_<%= @application[:name] %> { <%= @application[:destination_protocol] %>( "<%= @application[:destination_host] %>" port(<%= @application[:destination_port] %>) ); }; log { - source(s_udp_<%= @application[:name] %>); + source(s_udp_<%= @application[:source_name] %>); destination(d_<%= @application[:destination_protocol] %>_<%= @application[:name] %>); }; diff --git a/templates/default/syslog_ng_source.erb b/templates/default/syslog_ng_source.erb new file mode 100644 index 0000000..f204a1d --- /dev/null +++ b/templates/default/syslog_ng_source.erb @@ -0,0 +1,11 @@ +# Generated by Chef for <%= node[:fqdn] %> +# Local modifications will be overwritten. +# +# <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> +# + +source s_udp_<%= @application[:name] %> { + udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); +}; + +# do not forget the empty line From e5fe6291ab5faf8a186e784b7b892dc500d93af4 Mon Sep 17 00:00:00 2001 From: Brian Pitts Date: Mon, 2 Jul 2012 17:39:22 -0400 Subject: [PATCH 16/30] Allow configuring filters --- README.md | 17 ++++++-- definitions/syslog_ng_file.rb | 5 +++ definitions/syslog_ng_filter.rb | 50 +++++++++++++++++++++++ definitions/syslog_ng_forwarder.rb | 5 +++ metadata.rb | 2 +- templates/default/syslog_ng_file.erb | 3 ++ templates/default/syslog_ng_filter.erb | 11 +++++ templates/default/syslog_ng_forwarder.erb | 3 ++ 8 files changed, 92 insertions(+), 4 deletions(-) create mode 100644 definitions/syslog_ng_filter.rb create mode 100644 templates/default/syslog_ng_filter.erb diff --git a/README.md b/README.md index bee42df..90caf2d 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,10 @@ The Syslog NG cookbook installs and configures syslog-ng service. There are two * syslog-ng enables syslog-ng but does not affect your current syslog configuration * syslog-ng::global disables your existing syslog and configures syslog-ng to handle system logging -There are also three definitions +There are also four definitions * syslog_ng_source configures syslog-ng to listen on a udp port +* syslog_ng_source configures a filter * syslog_ng_file configures syslog-ng to write logs it receives to a file * syslog_ng_forwarder configures syslog-ng to forward logs it receives to another syslog server @@ -48,9 +49,15 @@ Usage log_name "default.log" end - syslog_ng_forwarder "application_foo" do - index "04" + syslog_ng_filter "warnings" do + index "04" + filter "level(warning)" + end + + syslog_ng_forwarder "application_foo_warnings" do + index "05" source_name "source_foo" + filter_name "warnings" destination_host "example.com" destination_port "514" destination_protocol "udp" @@ -79,6 +86,10 @@ limitations under the License. Changes ======= +### v 1.3.0 + +* Create filter definition and have file and forwarder optionally take a filter + ### v 1.2.0 * Break source out into its own definition diff --git a/definitions/syslog_ng_file.rb b/definitions/syslog_ng_file.rb index 931d8a7..775c4d6 100644 --- a/definitions/syslog_ng_file.rb +++ b/definitions/syslog_ng_file.rb @@ -31,6 +31,11 @@ :log_name => params[:log_name] || "default.log", } + # filter_name is optional + if params[:filter_name] + application[:filter_name] = params[:filter_name] + end + directory "#{application[:log_base]}" do owner node[:syslog_ng][:user] group node[:syslog_ng][:group] diff --git a/definitions/syslog_ng_filter.rb b/definitions/syslog_ng_filter.rb new file mode 100644 index 0000000..a737a99 --- /dev/null +++ b/definitions/syslog_ng_filter.rb @@ -0,0 +1,50 @@ +# +# Cookbook Name:: syslog-ng +# Definition:: syslog_ng_file +# +# Copyright 2012, Artem Veremey +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +define :syslog_ng_filter, :template => "syslog_ng_filter.erb" do + include_recipe "syslog-ng" + + + application = { + :name => params[:name], + :index => params[:index] || "02", + :cookbook => params[:cookbook] || "syslog-ng", + :filter => params[:filter], + } + + template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do + source params[:template] + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 + cookbook application[:cookbook] + + if params[:cookbook] + cookbook params[:cookbook] + end + + variables( + :application => application, + :params => params + ) + + notifies :restart, resources(:service => "syslog-ng"), :immediately + end + +end diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 3a68d40..0a91545 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -30,6 +30,11 @@ :destination_protocol => params[:destination_protocol] || "udp", } + # filter_name is optional + if params[:filter_name] + application[:filter_name] = params[:filter_name] + end + template "#{node[:syslog_ng][:config_dir]}/conf.d/#{application[:index]}#{application[:name]}" do source params[:template] owner node[:syslog_ng][:user] diff --git a/metadata.rb b/metadata.rb index bff3633..5337e92 100644 --- a/metadata.rb +++ b/metadata.rb @@ -3,4 +3,4 @@ license "Apache 2.0" description "Installs/Configures syslog-ng" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "1.2.0" +version "1.3.0" diff --git a/templates/default/syslog_ng_file.erb b/templates/default/syslog_ng_file.erb index 05a4feb..63e0bf2 100644 --- a/templates/default/syslog_ng_file.erb +++ b/templates/default/syslog_ng_file.erb @@ -10,6 +10,9 @@ destination d_file_<%= @application[:name] %> { log { source(s_udp_<%= @application[:source_name] %>); + <% if @application[:filter_name] -%> + filter(f_<%= @application[:filter_name] %>); + <% end -%> destination(d_file_<%= @application[:name] %>); }; diff --git a/templates/default/syslog_ng_filter.erb b/templates/default/syslog_ng_filter.erb new file mode 100644 index 0000000..c1ce666 --- /dev/null +++ b/templates/default/syslog_ng_filter.erb @@ -0,0 +1,11 @@ +# Generated by Chef for <%= node[:fqdn] %> +# Local modifications will be overwritten. +# +# <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> +# + +filter f_<%= @application[:name] %> { + <%= @application[:filter] %>; +}; + +# do not forget the empty line diff --git a/templates/default/syslog_ng_forwarder.erb b/templates/default/syslog_ng_forwarder.erb index 57cabbf..ed56a0e 100644 --- a/templates/default/syslog_ng_forwarder.erb +++ b/templates/default/syslog_ng_forwarder.erb @@ -10,6 +10,9 @@ destination d_<%= @application[:destination_protocol] %>_<%= @application[:name] log { source(s_udp_<%= @application[:source_name] %>); + <% if @application[:filter_name] -%> + filter(f_<%= @application[:filter_name] %>); + <% end -%> destination(d_<%= @application[:destination_protocol] %>_<%= @application[:name] %>); }; From 657d686edb573465b21d42ec621bc4385d3d3741 Mon Sep 17 00:00:00 2001 From: Ira Abramov Date: Tue, 29 Jan 2013 17:41:43 +0200 Subject: [PATCH 17/30] an obvious error in the readme --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 90caf2d..9f49ac6 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ The Syslog NG cookbook installs and configures syslog-ng service. There are two There are also four definitions * syslog_ng_source configures syslog-ng to listen on a udp port -* syslog_ng_source configures a filter +* syslog_ng_filter configures a filter * syslog_ng_file configures syslog-ng to write logs it receives to a file * syslog_ng_forwarder configures syslog-ng to forward logs it receives to another syslog server From 89717074961f4052ce0f1a2d684632fe5f659831 Mon Sep 17 00:00:00 2001 From: Pal David Gergely Date: Wed, 23 Apr 2014 01:40:05 +0200 Subject: [PATCH 18/30] added name attribute to metadata.rb to avoid Ridley errors --- metadata.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/metadata.rb b/metadata.rb index 5337e92..d0a329d 100644 --- a/metadata.rb +++ b/metadata.rb @@ -1,3 +1,4 @@ +name 'syslog-ng' maintainer "Artem Veremey" maintainer_email "artem@veremey.net" license "Apache 2.0" From 948ffa48979bc9fa9c99b8be4f912e2fd18f2c94 Mon Sep 17 00:00:00 2001 From: Pal David Gergely Date: Tue, 3 Jun 2014 09:02:40 +0200 Subject: [PATCH 19/30] Added Ubuntu compatibility with the least possible amount of modifications to the original cookbook --- files/ubuntu/syslog-ng | 141 +++++++++++++++++++++++++++++++ files/ubuntu/syslog-ng.conf | 161 ++++++++++++++++++++++++++++++++++++ recipes/default.rb | 12 ++- 3 files changed, 310 insertions(+), 4 deletions(-) create mode 100644 files/ubuntu/syslog-ng create mode 100644 files/ubuntu/syslog-ng.conf diff --git a/files/ubuntu/syslog-ng b/files/ubuntu/syslog-ng new file mode 100644 index 0000000..3ac6c63 --- /dev/null +++ b/files/ubuntu/syslog-ng @@ -0,0 +1,141 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: syslog-ng +# Required-Start: $local_fs $network $time $remote_fs +# Required-Stop: $local_fs $network $time $remote_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Starting system logging daemon +# Description: Starting syslog-NG, the next generation +# syslog daemon. +### END INIT INFO# + +set -e + +SYSLOGNG_OPTS="" + +#we source /etc/default/syslog-ng if exists +[ -r /etc/default/syslog-ng ] && . /etc/default/syslog-ng + +# stop syslog-ng before changing its PID file! +PIDFILE="/var/run/syslog-ng.pid" + +SYSLOGNG="/usr/sbin/syslog-ng" +NAME="syslog-ng" + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +test -f $SYSLOGNG || exit 0 + +# Define LSB log_* functions. +# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. +. /lib/lsb/init-functions + +case "x$CONSOLE_LOG_LEVEL" in + x[1-8]) + dmesg -n $CONSOLE_LOG_LEVEL + ;; + x) + ;; + *) + log_warning_msg "CONSOLE_LOG_LEVEL is of unaccepted value." + ;; +esac + +create_xconsole() { + if [ ! -e /dev/xconsole ] + then + mknod -m 640 /dev/xconsole p + fi +} + +create_pidfiledir() { + if [ ! -d /var/run/syslog-ng ] + then + mkdir -p /var/run/syslog-ng + fi +} + +syslogng_wait() { + if [ "$2" -ne 0 ]; then + return 1 + fi + + RET=1 + for i in $(seq 1 30); do + status=0 + syslog-ng-ctl stats >/dev/null 2>&1 || status=$? + if [ "$status" != "$1" ]; then + RET=0 + break + fi + sleep 1s + done + return $RET +} + +syslogng_start() { + log_daemon_msg "Starting system logging" "$NAME" + create_pidfiledir + create_xconsole + install -d /var/lib/syslog-ng + start-stop-daemon --start --oknodo --quiet --exec "$SYSLOGNG" \ + --pidfile "$PIDFILE" -- -p "$PIDFILE" $SYSLOGNG_OPTS + syslogng_wait 1 $? + RET="$?" + log_end_msg $RET + return $RET +} + +syslogng_stop() { + log_daemon_msg "Stopping system logging" "$NAME" + start-stop-daemon --stop --oknodo --quiet --name "$NAME" --retry 3 \ + --pidfile "$PIDFILE" + syslogng_wait 0 $? + RET="$?" + log_end_msg $RET + rm -f "$PIDFILE" + return $RET +} + +syslogng_reload() { + log_daemon_msg "Reload system logging" "$NAME" + if $SYSLOGNG -s $SYSLOGNG_OPTS + then + start-stop-daemon --stop --signal 1 --quiet --exec "$SYSLOGNG" \ + --pidfile "$PIDFILE" + syslogng_wait 1 $? + RET="$?" + log_end_msg $RET + return $RET + else + log_end_msg 1 + return 1 + fi +} + + +case "$1" in + start) + syslogng_start || exit 1 + ;; + stop) + syslogng_stop || exit 1 + ;; + reload|force-reload) + syslogng_reload || exit 1 + ;; + restart) + syslogng_stop + syslogng_start || exit 1 + ;; + status) + status_of_proc "$SYSLOGNG" "$NAME" && exit 0 || exit $? + ;; + *) + echo "Usage: /etc/init.d/$NAME {start|stop|restart|reload|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 + diff --git a/files/ubuntu/syslog-ng.conf b/files/ubuntu/syslog-ng.conf new file mode 100644 index 0000000..2e599ff --- /dev/null +++ b/files/ubuntu/syslog-ng.conf @@ -0,0 +1,161 @@ +@version: 3.3 +@include "scl.conf" + +# Syslog-ng configuration file, compatible with default Debian syslogd +# installation. + +# First, set some global options. +options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); + owner("root"); group("adm"); perm(0640); stats_freq(0); + bad_hostname("^gconfd$"); +}; + +######################## +# Sources +######################## +# This is the default behavior of sysklogd package +# Logs may come from unix stream, but not from another machine. +# +source s_src { + system(); + internal(); +}; + +# If you wish to get logs from remote machine you should uncomment +# this and comment the above source line. +# +#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); }; + +######################## +# Destinations +######################## +# First some standard logfile +# +destination d_auth { file("/var/log/auth.log"); }; +destination d_cron { file("/var/log/cron.log"); }; +destination d_daemon { file("/var/log/daemon.log"); }; +destination d_kern { file("/var/log/kern.log"); }; +destination d_lpr { file("/var/log/lpr.log"); }; +destination d_mail { file("/var/log/mail.log"); }; +destination d_syslog { file("/var/log/syslog"); }; +destination d_user { file("/var/log/user.log"); }; +destination d_uucp { file("/var/log/uucp.log"); }; + +# This files are the log come from the mail subsystem. +# +destination d_mailinfo { file("/var/log/mail/mail.info"); }; +destination d_mailwarn { file("/var/log/mail/mail.warn"); }; +destination d_mailerr { file("/var/log/mail/mail.err"); }; + +# Logging for INN news system +# +destination d_newscrit { file("/var/log/news/news.crit"); }; +destination d_newserr { file("/var/log/news/news.err"); }; +destination d_newsnotice { file("/var/log/news/news.notice"); }; + +# Some `catch-all' logfiles. +# +destination d_debug { file("/var/log/debug"); }; +destination d_error { file("/var/log/error"); }; +destination d_messages { file("/var/log/messages"); }; + +# The root's console. +# +destination d_console { usertty("root"); }; + +# Virtual console. +# +destination d_console_all { file("/dev/tty10"); }; + +# The named pipe /dev/xconsole is for the nsole' utility. To use it, +# you must invoke nsole' with the -file' option: +# +# $ xconsole -file /dev/xconsole [...] +# +destination d_xconsole { pipe("/dev/xconsole"); }; + +# Send the messages to an other host +# +#destination d_net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); }; + +# Debian only +destination d_ppp { file("/var/log/ppp.log"); }; + +######################## +# Filters +######################## +# Here's come the filter options. With this rules, we can set which +# message go where. + +filter f_dbg { level(debug); }; +filter f_info { level(info); }; +filter f_notice { level(notice); }; +filter f_warn { level(warn); }; +filter f_err { level(err); }; +filter f_crit { level(crit .. emerg); }; + +filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; +filter f_error { level(err .. emerg) ; }; +filter f_messages { level(info,notice,warn) and + not facility(auth,authpriv,cron,daemon,mail,news); }; + +filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; +filter f_cron { facility(cron) and not filter(f_debug); }; +filter f_daemon { facility(daemon) and not filter(f_debug); }; +filter f_kern { facility(kern) and not filter(f_debug); }; +filter f_lpr { facility(lpr) and not filter(f_debug); }; +filter f_local { facility(local0, local1, local3, local4, local5, + local6, local7) and not filter(f_debug); }; +filter f_mail { facility(mail) and not filter(f_debug); }; +filter f_news { facility(news) and not filter(f_debug); }; +filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; +filter f_user { facility(user) and not filter(f_debug); }; +filter f_uucp { facility(uucp) and not filter(f_debug); }; + +filter f_cnews { level(notice, err, crit) and facility(news); }; +filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; + +filter f_ppp { facility(local2) and not filter(f_debug); }; +filter f_console { level(warn .. emerg); }; + +######################## +# Log paths +######################## +log { source(s_src); filter(f_auth); destination(d_auth); }; +log { source(s_src); filter(f_cron); destination(d_cron); }; +log { source(s_src); filter(f_daemon); destination(d_daemon); }; +log { source(s_src); filter(f_kern); destination(d_kern); }; +log { source(s_src); filter(f_lpr); destination(d_lpr); }; +log { source(s_src); filter(f_syslog3); destination(d_syslog); }; +log { source(s_src); filter(f_user); destination(d_user); }; +log { source(s_src); filter(f_uucp); destination(d_uucp); }; + +log { source(s_src); filter(f_mail); destination(d_mail); }; +#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; +#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; +#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; + +log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; +log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; +log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; +#log { source(s_src); filter(f_cnews); destination(d_console_all); }; +#log { source(s_src); filter(f_cother); destination(d_console_all); }; + +#log { source(s_src); filter(f_ppp); destination(d_ppp); }; + +log { source(s_src); filter(f_debug); destination(d_debug); }; +log { source(s_src); filter(f_error); destination(d_error); }; +log { source(s_src); filter(f_messages); destination(d_messages); }; + +log { source(s_src); filter(f_console); destination(d_console_all); + destination(d_xconsole); }; +log { source(s_src); filter(f_crit); destination(d_console); }; + +# All messages send to a remote site +# +#log { source(s_src); destination(d_net); }; + +### +# Include all config files in /etc/syslog-ng/conf.d/ +### +@include "/etc/syslog-ng/conf.d/" diff --git a/recipes/default.rb b/recipes/default.rb index 9a7d776..fd6fc04 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -38,10 +38,14 @@ action :create end -cookbook_file "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do - owner node[:syslog_ng][:user] - group node[:syslog_ng][:group] - mode 00640 +if !platform?("ubuntu") + + cookbook_file "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 + end + end directory "#{node[:syslog_ng][:log_dir]}" do From e693bfb723754903cc2834df9ed4feb0eef283db Mon Sep 17 00:00:00 2001 From: Pal David Gergely Date: Fri, 26 Sep 2014 19:27:41 +0200 Subject: [PATCH 20/30] Added a workaround for Ubuntu 14.04 syslog-ng package installation --- recipes/default.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/recipes/default.rb b/recipes/default.rb index fd6fc04..96a5438 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -16,6 +16,12 @@ # See the License for the specific language governing permissions and # limitations under the License. # +# Workaround for currently broken syslog-ng metapackage or some apt bug +# The problem is that the metapacke will not install the syslog-ng-core +# dependency for some reason +if node[:platform] == 'ubuntu' && node[:platform_version] == '14.04' + package 'syslog-ng-core' +end package "syslog-ng" From 35967b7611ab4a4cdcdad9dd81cd4fdfb32b0dad Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Wed, 17 Dec 2014 20:33:37 -0600 Subject: [PATCH 21/30] Revert to 89717074961f4052ce0f1a2d684632fe5f659831 --- files/ubuntu/syslog-ng | 141 ------------------------------- files/ubuntu/syslog-ng.conf | 161 ------------------------------------ recipes/default.rb | 18 +--- 3 files changed, 4 insertions(+), 316 deletions(-) delete mode 100644 files/ubuntu/syslog-ng delete mode 100644 files/ubuntu/syslog-ng.conf diff --git a/files/ubuntu/syslog-ng b/files/ubuntu/syslog-ng deleted file mode 100644 index 3ac6c63..0000000 --- a/files/ubuntu/syslog-ng +++ /dev/null @@ -1,141 +0,0 @@ -#! /bin/sh -### BEGIN INIT INFO -# Provides: syslog-ng -# Required-Start: $local_fs $network $time $remote_fs -# Required-Stop: $local_fs $network $time $remote_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: Starting system logging daemon -# Description: Starting syslog-NG, the next generation -# syslog daemon. -### END INIT INFO# - -set -e - -SYSLOGNG_OPTS="" - -#we source /etc/default/syslog-ng if exists -[ -r /etc/default/syslog-ng ] && . /etc/default/syslog-ng - -# stop syslog-ng before changing its PID file! -PIDFILE="/var/run/syslog-ng.pid" - -SYSLOGNG="/usr/sbin/syslog-ng" -NAME="syslog-ng" - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -test -f $SYSLOGNG || exit 0 - -# Define LSB log_* functions. -# Depend on lsb-base (>= 3.0-6) to ensure that this file is present. -. /lib/lsb/init-functions - -case "x$CONSOLE_LOG_LEVEL" in - x[1-8]) - dmesg -n $CONSOLE_LOG_LEVEL - ;; - x) - ;; - *) - log_warning_msg "CONSOLE_LOG_LEVEL is of unaccepted value." - ;; -esac - -create_xconsole() { - if [ ! -e /dev/xconsole ] - then - mknod -m 640 /dev/xconsole p - fi -} - -create_pidfiledir() { - if [ ! -d /var/run/syslog-ng ] - then - mkdir -p /var/run/syslog-ng - fi -} - -syslogng_wait() { - if [ "$2" -ne 0 ]; then - return 1 - fi - - RET=1 - for i in $(seq 1 30); do - status=0 - syslog-ng-ctl stats >/dev/null 2>&1 || status=$? - if [ "$status" != "$1" ]; then - RET=0 - break - fi - sleep 1s - done - return $RET -} - -syslogng_start() { - log_daemon_msg "Starting system logging" "$NAME" - create_pidfiledir - create_xconsole - install -d /var/lib/syslog-ng - start-stop-daemon --start --oknodo --quiet --exec "$SYSLOGNG" \ - --pidfile "$PIDFILE" -- -p "$PIDFILE" $SYSLOGNG_OPTS - syslogng_wait 1 $? - RET="$?" - log_end_msg $RET - return $RET -} - -syslogng_stop() { - log_daemon_msg "Stopping system logging" "$NAME" - start-stop-daemon --stop --oknodo --quiet --name "$NAME" --retry 3 \ - --pidfile "$PIDFILE" - syslogng_wait 0 $? - RET="$?" - log_end_msg $RET - rm -f "$PIDFILE" - return $RET -} - -syslogng_reload() { - log_daemon_msg "Reload system logging" "$NAME" - if $SYSLOGNG -s $SYSLOGNG_OPTS - then - start-stop-daemon --stop --signal 1 --quiet --exec "$SYSLOGNG" \ - --pidfile "$PIDFILE" - syslogng_wait 1 $? - RET="$?" - log_end_msg $RET - return $RET - else - log_end_msg 1 - return 1 - fi -} - - -case "$1" in - start) - syslogng_start || exit 1 - ;; - stop) - syslogng_stop || exit 1 - ;; - reload|force-reload) - syslogng_reload || exit 1 - ;; - restart) - syslogng_stop - syslogng_start || exit 1 - ;; - status) - status_of_proc "$SYSLOGNG" "$NAME" && exit 0 || exit $? - ;; - *) - echo "Usage: /etc/init.d/$NAME {start|stop|restart|reload|force-reload|status}" >&2 - exit 1 - ;; -esac - -exit 0 - diff --git a/files/ubuntu/syslog-ng.conf b/files/ubuntu/syslog-ng.conf deleted file mode 100644 index 2e599ff..0000000 --- a/files/ubuntu/syslog-ng.conf +++ /dev/null @@ -1,161 +0,0 @@ -@version: 3.3 -@include "scl.conf" - -# Syslog-ng configuration file, compatible with default Debian syslogd -# installation. - -# First, set some global options. -options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no); - owner("root"); group("adm"); perm(0640); stats_freq(0); - bad_hostname("^gconfd$"); -}; - -######################## -# Sources -######################## -# This is the default behavior of sysklogd package -# Logs may come from unix stream, but not from another machine. -# -source s_src { - system(); - internal(); -}; - -# If you wish to get logs from remote machine you should uncomment -# this and comment the above source line. -# -#source s_net { tcp(ip(127.0.0.1) port(1000) authentication(required) encrypt(allow)); }; - -######################## -# Destinations -######################## -# First some standard logfile -# -destination d_auth { file("/var/log/auth.log"); }; -destination d_cron { file("/var/log/cron.log"); }; -destination d_daemon { file("/var/log/daemon.log"); }; -destination d_kern { file("/var/log/kern.log"); }; -destination d_lpr { file("/var/log/lpr.log"); }; -destination d_mail { file("/var/log/mail.log"); }; -destination d_syslog { file("/var/log/syslog"); }; -destination d_user { file("/var/log/user.log"); }; -destination d_uucp { file("/var/log/uucp.log"); }; - -# This files are the log come from the mail subsystem. -# -destination d_mailinfo { file("/var/log/mail/mail.info"); }; -destination d_mailwarn { file("/var/log/mail/mail.warn"); }; -destination d_mailerr { file("/var/log/mail/mail.err"); }; - -# Logging for INN news system -# -destination d_newscrit { file("/var/log/news/news.crit"); }; -destination d_newserr { file("/var/log/news/news.err"); }; -destination d_newsnotice { file("/var/log/news/news.notice"); }; - -# Some `catch-all' logfiles. -# -destination d_debug { file("/var/log/debug"); }; -destination d_error { file("/var/log/error"); }; -destination d_messages { file("/var/log/messages"); }; - -# The root's console. -# -destination d_console { usertty("root"); }; - -# Virtual console. -# -destination d_console_all { file("/dev/tty10"); }; - -# The named pipe /dev/xconsole is for the nsole' utility. To use it, -# you must invoke nsole' with the -file' option: -# -# $ xconsole -file /dev/xconsole [...] -# -destination d_xconsole { pipe("/dev/xconsole"); }; - -# Send the messages to an other host -# -#destination d_net { tcp("127.0.0.1" port(1000) authentication(on) encrypt(on) log_fifo_size(1000)); }; - -# Debian only -destination d_ppp { file("/var/log/ppp.log"); }; - -######################## -# Filters -######################## -# Here's come the filter options. With this rules, we can set which -# message go where. - -filter f_dbg { level(debug); }; -filter f_info { level(info); }; -filter f_notice { level(notice); }; -filter f_warn { level(warn); }; -filter f_err { level(err); }; -filter f_crit { level(crit .. emerg); }; - -filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); }; -filter f_error { level(err .. emerg) ; }; -filter f_messages { level(info,notice,warn) and - not facility(auth,authpriv,cron,daemon,mail,news); }; - -filter f_auth { facility(auth, authpriv) and not filter(f_debug); }; -filter f_cron { facility(cron) and not filter(f_debug); }; -filter f_daemon { facility(daemon) and not filter(f_debug); }; -filter f_kern { facility(kern) and not filter(f_debug); }; -filter f_lpr { facility(lpr) and not filter(f_debug); }; -filter f_local { facility(local0, local1, local3, local4, local5, - local6, local7) and not filter(f_debug); }; -filter f_mail { facility(mail) and not filter(f_debug); }; -filter f_news { facility(news) and not filter(f_debug); }; -filter f_syslog3 { not facility(auth, authpriv, mail) and not filter(f_debug); }; -filter f_user { facility(user) and not filter(f_debug); }; -filter f_uucp { facility(uucp) and not filter(f_debug); }; - -filter f_cnews { level(notice, err, crit) and facility(news); }; -filter f_cother { level(debug, info, notice, warn) or facility(daemon, mail); }; - -filter f_ppp { facility(local2) and not filter(f_debug); }; -filter f_console { level(warn .. emerg); }; - -######################## -# Log paths -######################## -log { source(s_src); filter(f_auth); destination(d_auth); }; -log { source(s_src); filter(f_cron); destination(d_cron); }; -log { source(s_src); filter(f_daemon); destination(d_daemon); }; -log { source(s_src); filter(f_kern); destination(d_kern); }; -log { source(s_src); filter(f_lpr); destination(d_lpr); }; -log { source(s_src); filter(f_syslog3); destination(d_syslog); }; -log { source(s_src); filter(f_user); destination(d_user); }; -log { source(s_src); filter(f_uucp); destination(d_uucp); }; - -log { source(s_src); filter(f_mail); destination(d_mail); }; -#log { source(s_src); filter(f_mail); filter(f_info); destination(d_mailinfo); }; -#log { source(s_src); filter(f_mail); filter(f_warn); destination(d_mailwarn); }; -#log { source(s_src); filter(f_mail); filter(f_err); destination(d_mailerr); }; - -log { source(s_src); filter(f_news); filter(f_crit); destination(d_newscrit); }; -log { source(s_src); filter(f_news); filter(f_err); destination(d_newserr); }; -log { source(s_src); filter(f_news); filter(f_notice); destination(d_newsnotice); }; -#log { source(s_src); filter(f_cnews); destination(d_console_all); }; -#log { source(s_src); filter(f_cother); destination(d_console_all); }; - -#log { source(s_src); filter(f_ppp); destination(d_ppp); }; - -log { source(s_src); filter(f_debug); destination(d_debug); }; -log { source(s_src); filter(f_error); destination(d_error); }; -log { source(s_src); filter(f_messages); destination(d_messages); }; - -log { source(s_src); filter(f_console); destination(d_console_all); - destination(d_xconsole); }; -log { source(s_src); filter(f_crit); destination(d_console); }; - -# All messages send to a remote site -# -#log { source(s_src); destination(d_net); }; - -### -# Include all config files in /etc/syslog-ng/conf.d/ -### -@include "/etc/syslog-ng/conf.d/" diff --git a/recipes/default.rb b/recipes/default.rb index 96a5438..9a7d776 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -16,12 +16,6 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# Workaround for currently broken syslog-ng metapackage or some apt bug -# The problem is that the metapacke will not install the syslog-ng-core -# dependency for some reason -if node[:platform] == 'ubuntu' && node[:platform_version] == '14.04' - package 'syslog-ng-core' -end package "syslog-ng" @@ -44,14 +38,10 @@ action :create end -if !platform?("ubuntu") - - cookbook_file "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do - owner node[:syslog_ng][:user] - group node[:syslog_ng][:group] - mode 00640 - end - +cookbook_file "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 end directory "#{node[:syslog_ng][:log_dir]}" do From 1a45e124c33f1252589692148c95cb8f42b139d1 Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Wed, 17 Dec 2014 20:34:23 -0600 Subject: [PATCH 22/30] bumped version just for confusion avoidance --- metadata.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/metadata.rb b/metadata.rb index d0a329d..4948e1d 100644 --- a/metadata.rb +++ b/metadata.rb @@ -4,4 +4,4 @@ license "Apache 2.0" description "Installs/Configures syslog-ng" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "1.3.0" +version "1.4.0" From 039cf96185a7a608290dee3a475eb3c08a709981 Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Thu, 18 Dec 2014 09:53:11 -0600 Subject: [PATCH 23/30] Change 00base to a template. Add 'chain_hostnames' option as well as an array of hashes named global_opts for additional global options to set. --- attributes/default.rb | 18 +++++++++++++---- recipes/default.rb | 15 +++++++++++++- .../00base => templates/default/00base.erb | 20 +++++++++++-------- 3 files changed, 40 insertions(+), 13 deletions(-) rename files/default/00base => templates/default/00base.erb (57%) diff --git a/attributes/default.rb b/attributes/default.rb index 11a11cf..7ee032c 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -1,4 +1,14 @@ -default[:syslog_ng][:user] = "root" -default[:syslog_ng][:group] = "root" -default[:syslog_ng][:log_dir] = "/var/log/syslog-ng" -default[:syslog_ng][:config_dir] = "/etc/syslog-ng" \ No newline at end of file +default[:syslog_ng][:user] = "root" +default[:syslog_ng][:group] = "root" +default[:syslog_ng][:log_dir] = "/var/log/syslog-ng" +default[:syslog_ng][:config_dir] = "/etc/syslog-ng" +default[:syslog_ng][:sync] = 0 +default[:syslog_ng][:time_reopen] = 10 +default[:syslog_ng][:log_fifo_size] = 1000 +default[:syslog_ng][:long_hostnames] = 'off' +default[:syslog_ng][:use_dns] = 'no' +default[:syslog_ng][:use_fqdn] = 'no' +default[:syslog_ng][:create_dirs] = 'yes' +default[:syslog_ng][:keep_hostname] = 'yes' +default[:syslog_ng][:chain_hostnames] = 'yes' +default[:syslog_ng][:global_opts] = [] diff --git a/recipes/default.rb b/recipes/default.rb index 9a7d776..c81fe05 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -38,10 +38,23 @@ action :create end -cookbook_file "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do +template "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do + source "00base.erb" owner node[:syslog_ng][:user] group node[:syslog_ng][:group] mode 00640 + variables( + :sync => node[:syslog_ng][:sync], + :time_reopen => node[:syslog_ng][:time_reopen], + :log_fifo_size => node[:syslog_ng][:log_fifo_size], + :long_hostnames => node[:syslog_ng][:long_hostnames], + :use_dns => node[:syslog_ng][:use_dns], + :use_fqdn => node[:syslog_ng][:use_fqdn], + :create_dirs => node[:syslog_ng][:create_dirs], + :keep_hostname => node[:syslog_ng][:keep_hostname], + :chain_hostnames => node[:syslog_ng][:chain_hostnames] + :global_opts => node[:syslog_ng][:global_opts] + ) end directory "#{node[:syslog_ng][:log_dir]}" do diff --git a/files/default/00base b/templates/default/00base.erb similarity index 57% rename from files/default/00base rename to templates/default/00base.erb index 42907c6..cb227d7 100644 --- a/files/default/00base +++ b/templates/default/00base.erb @@ -16,14 +16,18 @@ # options { - sync (0); - time_reopen (10); - log_fifo_size (1000); - long_hostnames (off); - use_dns (no); - use_fqdn (no); - create_dirs (yes); - keep_hostname (yes); + sync (<%=@sync%>); + time_reopen (<%=@time_reopen%>); + log_fifo_size (<%=@log_fifo_size%>); + long_hostnames (<%=@long_hostnames%>); + use_dns (<%=@use_dns%>); + use_fqdn (<%=@use_fqdn%>); + create_dirs (<%=@create_dirs%>); + keep_hostname (<%=@keep_hostname%>); + chain_hostnames (<%=@chain_hostnames%>); + <% @global_opts.each do |k,v| -%> + <%=k%> (<%=v%>); + <% end -%> }; # Remember to add an empty line at the end of file From 9655e14341915903fc26620d71ff686978262706 Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Thu, 18 Dec 2014 10:12:48 -0600 Subject: [PATCH 24/30] accidentally a comma --- recipes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/default.rb b/recipes/default.rb index c81fe05..fbd7e9d 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -52,7 +52,7 @@ :use_fqdn => node[:syslog_ng][:use_fqdn], :create_dirs => node[:syslog_ng][:create_dirs], :keep_hostname => node[:syslog_ng][:keep_hostname], - :chain_hostnames => node[:syslog_ng][:chain_hostnames] + :chain_hostnames => node[:syslog_ng][:chain_hostnames], :global_opts => node[:syslog_ng][:global_opts] ) end From efe03fcd119cd6d46f1ec9db99193b6158bd241d Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Thu, 18 Dec 2014 10:18:11 -0600 Subject: [PATCH 25/30] add a restart notification when 00base changes --- recipes/default.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/recipes/default.rb b/recipes/default.rb index fbd7e9d..1d2923a 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -55,6 +55,7 @@ :chain_hostnames => node[:syslog_ng][:chain_hostnames], :global_opts => node[:syslog_ng][:global_opts] ) + notifies :restart, "service[:syslog-ng]" end directory "#{node[:syslog_ng][:log_dir]}" do From 00a3777cb62f7e8c7e4c9fb488db6fb1096034ae Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Thu, 18 Dec 2014 10:19:56 -0600 Subject: [PATCH 26/30] move template because whoops --- recipes/default.rb | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/recipes/default.rb b/recipes/default.rb index 1d2923a..11c481e 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -38,6 +38,18 @@ action :create end +directory "#{node[:syslog_ng][:log_dir]}" do + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00755 + action :create +end + +service "syslog-ng" do + supports :restart => true, :status => true + action [ :enable, :start ] +end + template "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do source "00base.erb" owner node[:syslog_ng][:user] @@ -57,15 +69,3 @@ ) notifies :restart, "service[:syslog-ng]" end - -directory "#{node[:syslog_ng][:log_dir]}" do - owner node[:syslog_ng][:user] - group node[:syslog_ng][:group] - mode 00755 - action :create -end - -service "syslog-ng" do - supports :restart => true, :status => true - action [ :enable, :start ] -end From ffee72a60ec5e11b15ac6fe92fa1ccf56209396d Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Thu, 18 Dec 2014 10:21:26 -0600 Subject: [PATCH 27/30] too many colons --- recipes/default.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/default.rb b/recipes/default.rb index 11c481e..bce632e 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -67,5 +67,5 @@ :chain_hostnames => node[:syslog_ng][:chain_hostnames], :global_opts => node[:syslog_ng][:global_opts] ) - notifies :restart, "service[:syslog-ng]" + notifies :restart, "service[syslog-ng]" end From e6a0af7fd9371e7419534ecb63f4d244213ddbd6 Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Mon, 9 Feb 2015 17:41:22 -0600 Subject: [PATCH 28/30] allow user to change the source prefix used in many definitions. --- attributes/default.rb | 1 + definitions/syslog_ng_file.rb | 1 + definitions/syslog_ng_forwarder.rb | 1 + definitions/syslog_ng_source.rb | 1 + templates/default/syslog_ng_file.erb | 2 +- templates/default/syslog_ng_forwarder.erb | 2 +- templates/default/syslog_ng_source.erb | 2 +- 7 files changed, 7 insertions(+), 3 deletions(-) diff --git a/attributes/default.rb b/attributes/default.rb index 7ee032c..a2aba96 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -12,3 +12,4 @@ default[:syslog_ng][:keep_hostname] = 'yes' default[:syslog_ng][:chain_hostnames] = 'yes' default[:syslog_ng][:global_opts] = [] +default[:syslog_ng][:source_prefix] = 's_udp_' diff --git a/definitions/syslog_ng_file.rb b/definitions/syslog_ng_file.rb index 775c4d6..476980d 100644 --- a/definitions/syslog_ng_file.rb +++ b/definitions/syslog_ng_file.rb @@ -26,6 +26,7 @@ :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", :source_name => params[:source_name], + :source_prefix => params[:source_prefix] || node[:syslog_ng][:source_prefix], :days_uncompressed => params[:days_uncompressed] || 1, :log_base => params[:log_base] || node[:syslog_ng][:log_dir], :log_name => params[:log_name] || "default.log", diff --git a/definitions/syslog_ng_forwarder.rb b/definitions/syslog_ng_forwarder.rb index 0a91545..048a787 100644 --- a/definitions/syslog_ng_forwarder.rb +++ b/definitions/syslog_ng_forwarder.rb @@ -25,6 +25,7 @@ :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", :source_name => params[:source_name], + :source_prefix => params[:source_prefix] || node[:syslog_ng][:source_prefix], :destination_host => params[:destination_host], :destination_port => params[:destination_port] || "514", :destination_protocol => params[:destination_protocol] || "udp", diff --git a/definitions/syslog_ng_source.rb b/definitions/syslog_ng_source.rb index 712b5ae..7c1fdcd 100644 --- a/definitions/syslog_ng_source.rb +++ b/definitions/syslog_ng_source.rb @@ -23,6 +23,7 @@ application = { :name => params[:name], + :source_prefix => params[:source_prefix] || node[:syslog_ng][:source_prefix], :index => params[:index] || "02", :cookbook => params[:cookbook] || "syslog-ng", :host => params[:host] || "127.0.0.1", diff --git a/templates/default/syslog_ng_file.erb b/templates/default/syslog_ng_file.erb index 63e0bf2..cafcb87 100644 --- a/templates/default/syslog_ng_file.erb +++ b/templates/default/syslog_ng_file.erb @@ -9,7 +9,7 @@ destination d_file_<%= @application[:name] %> { }; log { - source(s_udp_<%= @application[:source_name] %>); + source(<%= @application[:source_prefix] %><%= @application[:source_name] %>); <% if @application[:filter_name] -%> filter(f_<%= @application[:filter_name] %>); <% end -%> diff --git a/templates/default/syslog_ng_forwarder.erb b/templates/default/syslog_ng_forwarder.erb index ed56a0e..362439b 100644 --- a/templates/default/syslog_ng_forwarder.erb +++ b/templates/default/syslog_ng_forwarder.erb @@ -9,7 +9,7 @@ destination d_<%= @application[:destination_protocol] %>_<%= @application[:name] }; log { - source(s_udp_<%= @application[:source_name] %>); + source(<%= @application[:source_prefix] %><%= @application[:source_name] %>); <% if @application[:filter_name] -%> filter(f_<%= @application[:filter_name] %>); <% end -%> diff --git a/templates/default/syslog_ng_source.erb b/templates/default/syslog_ng_source.erb index f204a1d..9dd1dbb 100644 --- a/templates/default/syslog_ng_source.erb +++ b/templates/default/syslog_ng_source.erb @@ -4,7 +4,7 @@ # <%= node[:syslog_ng][:config_dir] %>/conf.d/<%= [@application[:index], @application[:name]].join %> # -source s_udp_<%= @application[:name] %> { +source <%= @application[:source_prefix] %><%= @application[:name] %> { udp (ip(<%= @application[:host] %>) port(<%= @application[:port] %>)); }; From 45519513983b25793214c17ce3655dbb904232fb Mon Sep 17 00:00:00 2001 From: David Schlenk Date: Mon, 13 Jul 2015 12:44:38 -0500 Subject: [PATCH 29/30] force git to use LF for EOL for templates and files --- .gitattributes | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .gitattributes diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..735ffad --- /dev/null +++ b/.gitattributes @@ -0,0 +1,2 @@ +templates/** text eol=lf +files/** text eol=lf From 7d51cdabe5bb32b4aee39ca71e9a03da56ad5988 Mon Sep 17 00:00:00 2001 From: WaffleSouffle Date: Wed, 26 Aug 2015 13:59:24 +0100 Subject: [PATCH 30/30] Use newer syslog-ng configuration, simpler include mechanism. Tested on ubuntu 14.04 with syslog 3.5.3-1. Moved cookbook version up to 1.5.0. Read syslog-ng config version from attribute. attributes/default.rb Replaced: sync with flush_lines, and long_hostnames with chain_hostnames. Added: syslog_ng_config_name. files/default/syslog-ng Try to handle running on ubuntu as well as CentOS by trying different binary paths and lockfiles. metadata.rb Moved to version 1.5.0. recipes/default.rb Added ruby_block to add include 'conf.d' if not present in existing syslog-ng.conf; definition call 'generate_syslog_ng_conf_if_missing'. Altered: order of service start. Updated: default attributes (see above). templates/default/00base.erb Updated: default attributes (see above). Added: definitions/generate_syslog_ng_conf_if_missing.rb templates/default/syslog-ng.conf.erb Deleted: files/default/syslog-ng.conf Replaced with template above. --- attributes/default.rb | 6 ++- .../generate_syslog_ng_conf_if_missing.rb | 40 ++++++++++++++ files/default/syslog-ng | 32 +++++++++--- files/default/syslog-ng.conf | 6 --- metadata.rb | 2 +- recipes/default.rb | 52 ++++++++++++++++--- templates/default/00base.erb | 4 +- templates/default/syslog-ng.conf.erb | 7 +++ 8 files changed, 124 insertions(+), 25 deletions(-) create mode 100644 definitions/generate_syslog_ng_conf_if_missing.rb delete mode 100644 files/default/syslog-ng.conf create mode 100644 templates/default/syslog-ng.conf.erb diff --git a/attributes/default.rb b/attributes/default.rb index a2aba96..032e37e 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -2,10 +2,10 @@ default[:syslog_ng][:group] = "root" default[:syslog_ng][:log_dir] = "/var/log/syslog-ng" default[:syslog_ng][:config_dir] = "/etc/syslog-ng" -default[:syslog_ng][:sync] = 0 +default[:syslog_ng][:flush_lines] = 0 default[:syslog_ng][:time_reopen] = 10 default[:syslog_ng][:log_fifo_size] = 1000 -default[:syslog_ng][:long_hostnames] = 'off' +default[:syslog_ng][:chain_hostnames] = 'off' default[:syslog_ng][:use_dns] = 'no' default[:syslog_ng][:use_fqdn] = 'no' default[:syslog_ng][:create_dirs] = 'yes' @@ -13,3 +13,5 @@ default[:syslog_ng][:chain_hostnames] = 'yes' default[:syslog_ng][:global_opts] = [] default[:syslog_ng][:source_prefix] = 's_udp_' +default[:syslog_ng][:syslog_ng_config_name] = 'syslog-ng.conf' +default[:syslog_ng][:syslog_ng_version] = '3.5' diff --git a/definitions/generate_syslog_ng_conf_if_missing.rb b/definitions/generate_syslog_ng_conf_if_missing.rb new file mode 100644 index 0000000..4ce5144 --- /dev/null +++ b/definitions/generate_syslog_ng_conf_if_missing.rb @@ -0,0 +1,40 @@ +# +# Cookbook Name:: syslog-ng +# Definition:: generate_syslog_ng_conf_if_missing +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +define :generate_syslog_ng_conf_if_missing, :template => "syslog-ng.conf.erb" do + include_recipe "syslog-ng" + + current_time = Time.now.utc + syslog_ng_version = node[:syslog_ng][:syslog_ng_version] + filepath = "#{node[:syslog_ng][:config_dir]}/#{node[:cloudhouse_syslog][:syslog_ng_config_name]}" + + template filepath do + action :create_if_missing + source params[:template] + owner node[:syslog_ng][:user] + group node[:syslog_ng][:group] + mode 00640 + + variables( + :current_time => current_time, + :syslog_ng_version => syslog_ng_version + ) + + notifies :restart, resources(:service => "syslog-ng"), :immediately + end + +end diff --git a/files/default/syslog-ng b/files/default/syslog-ng index 095d99a..5ceffdc 100644 --- a/files/default/syslog-ng +++ b/files/default/syslog-ng @@ -16,11 +16,31 @@ # ***** # Source function library. -. /etc/init.d/functions +if [ -x /etc/init.d/functions ]; then + . /etc/init.d/functions +else + . /lib/lsb/init-functions +fi binary="/sbin/syslog-ng" +if [ ! -x "${binary}" ]; then + binary="/usr/sbin/syslog-ng" +fi -[ -x $binary ] || exit 0 +if [ -d /var/lock/subsys ]; then + lockfile=/var/lock/subsys/syslog-ng +else + lockfile=/var/lib/syslog-ng/syslog-ng.pid +fi + +echo 'binary:' "${binary}" +echo 'lockfile:' "${lockfile}" +echo 'Command:' "${1}" + +if [ ! -x "${binary}" ]; then + echo 'Cannot find syslog-ng in' "${binary}" + exit 0 +fi RETVAL=0 @@ -30,7 +50,7 @@ start() { daemon $binary RETVAL=$? echo - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/syslog-ng + [ $RETVAL -eq 0 ] && touch "${lockfile}" } stop() { @@ -39,8 +59,8 @@ stop() { RETVAL=$? echo if [ $RETVAL -eq 0 ]; then - rm -f /var/lock/subsys/syslog-ng - rm -f /var/run/syslog-ng.pid + rm -f "${lockfile}" + [ -f /var/run/syslog-ng.pid ] && rm -f /var/run/syslog-ng.pid fi } @@ -84,7 +104,7 @@ case "$1" in reload ;; condrestart) - [ -f /var/lock/subsys/syslog-ng ] && restart + [ -f "${lockfile}" ] && restart ;; *) echo "Usage: $0 {start|stop|status|restart|reload|condrestart}" diff --git a/files/default/syslog-ng.conf b/files/default/syslog-ng.conf deleted file mode 100644 index 683c413..0000000 --- a/files/default/syslog-ng.conf +++ /dev/null @@ -1,6 +0,0 @@ -# This file is managed by chef -# Local changes will be overwritten -# -# Caution -# syslog-ng.conf file will be overwritten based on conf.d files -# diff --git a/metadata.rb b/metadata.rb index 4948e1d..617858d 100644 --- a/metadata.rb +++ b/metadata.rb @@ -4,4 +4,4 @@ license "Apache 2.0" description "Installs/Configures syslog-ng" long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version "1.4.0" +version "1.5.0" diff --git a/recipes/default.rb b/recipes/default.rb index bce632e..8d25c96 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -19,16 +19,44 @@ package "syslog-ng" -cookbook_file "#{node[:syslog_ng][:config_dir]}/syslog-ng.conf" do - owner node[:syslog_ng][:user] - group node[:syslog_ng][:group] - mode 00640 +ruby_block 'Ensure the syslog-ng main configuration file includes configuration files in conf.d subdirectory' do + filepath = "#{node[:syslog_ng][:config_dir]}/#{node[:syslog_ng][:syslog_ng_config_name]}" + + block do + newline = $/ + + conf_file = File.open(filepath, 'rb') + content = conf_file.read + conf_file.close + + #@include 'conf.d' + findIncludeExpr = Regexp.new(%q{^\s*@include\s*(?:"|')[a-zA-Z\\/.-]*(?:\\/)?conf.d}, Regexp::MULTILINE) + match = findIncludeExpr.match(content) + + if match.nil? + content << %q(@include 'conf.d') + newline + + Tempfile.open(".#{File.basename(filepath)}", File.dirname(filepath)) do |tempfile| + tempfile.binmode + tempfile.write(content) + tempfile.close + stat = File.stat(filepath) + FileUtils.chown stat.uid, stat.gid, tempfile.path + FileUtils.chmod stat.mode, tempfile.path + FileUtils.mv tempfile.path, filepath + end + else + puts 'Include already present in syslog-ng configuration file.' + end + end + only_if { File.exists? filepath } end cookbook_file "/etc/init.d/syslog-ng" do owner node[:syslog_ng][:user] group node[:syslog_ng][:group] mode 00755 + action :create_if_missing end directory "#{node[:syslog_ng][:config_dir]}/conf.d" do @@ -47,7 +75,10 @@ service "syslog-ng" do supports :restart => true, :status => true - action [ :enable, :start ] + action [ :enable ] +end + +generate_syslog_ng_conf_if_missing do end template "#{node[:syslog_ng][:config_dir]}/conf.d/00base" do @@ -56,16 +87,21 @@ group node[:syslog_ng][:group] mode 00640 variables( - :sync => node[:syslog_ng][:sync], + :flush_lines => node[:syslog_ng][:flush_lines], :time_reopen => node[:syslog_ng][:time_reopen], :log_fifo_size => node[:syslog_ng][:log_fifo_size], - :long_hostnames => node[:syslog_ng][:long_hostnames], + :chain_hostnames => node[:syslog_ng][:chain_hostnames], :use_dns => node[:syslog_ng][:use_dns], - :use_fqdn => node[:syslog_ng][:use_fqdn], :create_dirs => node[:syslog_ng][:create_dirs], + :use_fqdn => node[:syslog_ng][:use_fqdn], :keep_hostname => node[:syslog_ng][:keep_hostname], :chain_hostnames => node[:syslog_ng][:chain_hostnames], :global_opts => node[:syslog_ng][:global_opts] ) notifies :restart, "service[syslog-ng]" end + +service "syslog-ng_start" do + service_name 'syslog-ng' + action [ :start ] +end diff --git a/templates/default/00base.erb b/templates/default/00base.erb index cb227d7..f99d67d 100644 --- a/templates/default/00base.erb +++ b/templates/default/00base.erb @@ -16,10 +16,10 @@ # options { - sync (<%=@sync%>); + flush_lines (<%=@flush_lines%>); time_reopen (<%=@time_reopen%>); log_fifo_size (<%=@log_fifo_size%>); - long_hostnames (<%=@long_hostnames%>); + chain_hostnames (<%=@chain_hostnames%>); use_dns (<%=@use_dns%>); use_fqdn (<%=@use_fqdn%>); create_dirs (<%=@create_dirs%>); diff --git a/templates/default/syslog-ng.conf.erb b/templates/default/syslog-ng.conf.erb new file mode 100644 index 0000000..f5cc004 --- /dev/null +++ b/templates/default/syslog-ng.conf.erb @@ -0,0 +1,7 @@ +#This entry generated by chef syslog-ng cookbook +#on <%= @current_time %>. +@version: <%= @syslog_ng_version %> +@include "scl.conf" +@include "`scl-root`/system/tty10.conf" + +@include 'conf.d'