default.rb 7.71 KB
Newer Older
jtimberman's avatar
jtimberman committed
1
#
2
# Cookbook:: rsyslog
3
# Attributes:: default
jtimberman's avatar
jtimberman committed
4
#
5
# Copyright:: 2009-2016, Chef Software, Inc.
jtimberman's avatar
jtimberman committed
6
7
8
9
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
10
#
jtimberman's avatar
jtimberman committed
11
#     http://www.apache.org/licenses/LICENSE-2.0
12
#
jtimberman's avatar
jtimberman committed
13
14
15
16
17
18
19
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

20
default['rsyslog']['local_host_name']           = nil
21
default['rsyslog']['default_log_dir']           = '/var/log'
22
default['rsyslog']['log_dir']                   = '/srv/rsyslog'
23
default['rsyslog']['working_dir']               = '/var/spool/rsyslog'
24
default['rsyslog']['server']                    = false
25
default['rsyslog']['use_relp']                  = false
26
default['rsyslog']['relp_port']                 = 20_514
27
default['rsyslog']['protocol']                  = 'tcp'
28
default['rsyslog']['bind']                      = '*'
29
30
31
32
33
34
35
36
37
38
default['rsyslog']['port']                      = 514
default['rsyslog']['server_ip']                 = nil
default['rsyslog']['server_search']             = 'role:loghost'
default['rsyslog']['remote_logs']               = true
default['rsyslog']['per_host_dir']              = '%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%'
default['rsyslog']['max_message_size']          = '2k'
default['rsyslog']['preserve_fqdn']             = 'off'
default['rsyslog']['high_precision_timestamps'] = false
default['rsyslog']['repeated_msg_reduction']    = 'on'
default['rsyslog']['logs_to_forward']           = '*.*'
Dan Buch's avatar
Dan Buch committed
39
40
default['rsyslog']['enable_imklog']             = true
default['rsyslog']['config_prefix']             = '/etc'
Mihai Petracovici's avatar
Mihai Petracovici committed
41
default['rsyslog']['default_file_template']     = nil
42
default['rsyslog']['default_remote_template']   = nil
43
44
default['rsyslog']['rate_limit_interval']       = nil
default['rsyslog']['rate_limit_burst']          = nil
45
default['rsyslog']['enable_tls']                = false
46
default['rsyslog']['action_queue_max_disk_space'] = '1G'
47
48
49
50
default['rsyslog']['tls_ca_file']               = nil
default['rsyslog']['tls_certificate_file']      = nil
default['rsyslog']['tls_key_file']              = nil
default['rsyslog']['tls_auth_mode']             = 'anon'
Jennifer Davis's avatar
Jennifer Davis committed
51
default['rsyslog']['tls_permitted_peer']        = nil
52
default['rsyslog']['use_local_ipv4']            = false
Josh Dolitsky's avatar
Josh Dolitsky committed
53
default['rsyslog']['allow_non_local']           = false
54
default['rsyslog']['custom_remote']             = []
55
56
default['rsyslog']['additional_directives']     = {}
default['rsyslog']['templates']                 = %w()
Jeff Blaine's avatar
Jeff Blaine committed
57
58

# The most likely platform-specific attributes
Aivaras Laimikis's avatar
Aivaras Laimikis committed
59
default['rsyslog']['package_name']              = 'rsyslog'
60
61
62
63
default['rsyslog']['service_name']              = 'rsyslog'
default['rsyslog']['user']                      = 'root'
default['rsyslog']['group']                     = 'adm'
default['rsyslog']['priv_seperation']           = false
64
65
default['rsyslog']['priv_user']                 = nil
default['rsyslog']['priv_group']                = nil
Dan Buch's avatar
Dan Buch committed
66
default['rsyslog']['modules']                   = %w(imuxsock imklog)
67
68
69
70
71
default['rsyslog']['file_create_mode']          = '0640'
default['rsyslog']['dir_create_mode']           = '0755'
default['rsyslog']['umask']                     = '0022'
default['rsyslog']['dir_owner']                 = 'root'
default['rsyslog']['dir_group']                 = 'adm'
72

73
74
75
# platform specific attributes
case node['platform']
when 'ubuntu'
Tim Smith's avatar
Tim Smith committed
76
77
78
79
  default['rsyslog']['user'] = 'syslog'
  default['rsyslog']['group'] = 'adm'
  default['rsyslog']['priv_seperation'] = true
  default['rsyslog']['priv_group'] = 'syslog'
80
81
82
83
84
85
86
87
88
89
when 'smartos'
  default['rsyslog']['config_prefix'] = '/opt/local/etc'
  default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp)
  default['rsyslog']['group'] = 'root'
when 'omnios'
  default['rsyslog']['service_name'] = 'system/rsyslogd'
  default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp)
  default['rsyslog']['group'] = 'root'
end

90
# platform family specific attributes
91
case node['platform_family']
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
when 'suse'
  default['rsyslog']['service_name'] = 'syslog'
  default['rsyslog']['group'] = 'root'
  default['rsyslog']['default_facility_logs'] = {
    '*.emerg' => ':omusrmsg:*',
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log",
    'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info",
    'mail.warning' => "-#{node['rsyslog']['default_log_dir']}/mail.warn",
    'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err",
    'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit",
    'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err",
    'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice",
    '*.=warning;*.=err' => "-#{node['rsyslog']['default_log_dir']}/warn",
    '*.crit' => "#{node['rsyslog']['default_log_dir']}/warn",
    '*.*;mail.none;news.none' => "#{node['rsyslog']['default_log_dir']}/messages",
    'local0.*;local1.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
    'local2.*;local3.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
    'local4.*;local5.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
Tim Smith's avatar
Tim Smith committed
110
    'local6.*;local7.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
111
  }
112
when 'rhel', 'fedora'
113
  default['rsyslog']['working_dir'] = '/var/lib/rsyslog'
114
115
116
  # format { facility => destination }
  default['rsyslog']['default_facility_logs'] = {
    '*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages",
117
    'authpriv.*' => "#{node['rsyslog']['default_log_dir']}/secure",
118
119
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog",
    'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron",
120
    '*.emerg' => ':omusrmsg:*',
121
    'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler",
Tim Smith's avatar
Tim Smith committed
122
    'local7.*' => "#{node['rsyslog']['default_log_dir']}/boot.log",
123
  }
124
125
  # RHEL >= 7 and Fedora use journald in systemd. Amazon Linux doesn't.
  if node['platform'] != 'amazon' && node['platform_version'].to_i >= 7
126
127
128
    default['rsyslog']['modules'] = %w(imuxsock imjournal)
    default['rsyslog']['additional_directives'] = { 'OmitLocalLogging' => 'on', 'IMJournalStateFile' => 'imjournal.state' }
  end
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
else
  # format { facility => destination }
  default['rsyslog']['default_facility_logs'] = {
    'auth,authpriv.*' => "#{node['rsyslog']['default_log_dir']}/auth.log",
    '*.*;auth,authpriv.none' => "-#{node['rsyslog']['default_log_dir']}/syslog",
    'daemon.*' => "-#{node['rsyslog']['default_log_dir']}/daemon.log",
    'kern.*' => "-#{node['rsyslog']['default_log_dir']}/kern.log",
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log",
    'user.*' => "-#{node['rsyslog']['default_log_dir']}/user.log",
    'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info",
    'mail.warn' => "-#{node['rsyslog']['default_log_dir']}/mail.warn",
    'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err",
    'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit",
    'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err",
    'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice",
    '*.=debug;auth,authpriv.none;news.none;mail.none' => "-#{node['rsyslog']['default_log_dir']}/debug",
    '*.=info;*.=notice;*.=warn;auth,authpriv.none;cron,daemon.none;mail,news.none' => "-#{node['rsyslog']['default_log_dir']}/messages",
Tim Smith's avatar
Tim Smith committed
146
    '*.emerg' => ':omusrmsg:*',
147
148
  }
end
149

150
# rsyslog 3/4 do not support the new :omusrmsg:* format and need * instead
Tim Smith's avatar
Tim Smith committed
151
if node['platform_family'] == 'rhel' && node['platform_version'].to_i < 6
152
153
  default['rsyslog']['default_facility_logs']['*.emerg'] = '*'
end