default.rb 8.62 KB
Newer Older
jtimberman's avatar
jtimberman committed
1
#
2
# Cookbook:: rsyslog
3
# Attributes:: default
jtimberman's avatar
jtimberman committed
4
#
Tim Smith's avatar
Tim Smith committed
5
# Copyright:: 2009-2019, Chef Software, Inc.
jtimberman's avatar
jtimberman committed
6
7
8
9
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
10
#
jtimberman's avatar
jtimberman committed
11
#     http://www.apache.org/licenses/LICENSE-2.0
12
#
jtimberman's avatar
jtimberman committed
13
14
15
16
17
18
19
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

20
default['rsyslog']['local_host_name']           = nil
21
default['rsyslog']['default_log_dir']           = '/var/log'
22
default['rsyslog']['log_dir']                   = '/srv/rsyslog'
23
default['rsyslog']['working_dir']               = '/var/spool/rsyslog'
Alex Markelov's avatar
Alex Markelov committed
24
default['rsyslog']['working_dir_mode']          = '0700'
25
default['rsyslog']['server']                    = false
26
default['rsyslog']['use_relp']                  = false
27
default['rsyslog']['relp_port']                 = 20_514
28
default['rsyslog']['protocol']                  = 'tcp'
29
default['rsyslog']['bind']                      = '*'
30
31
32
33
34
35
36
37
38
39
default['rsyslog']['port']                      = 514
default['rsyslog']['server_ip']                 = nil
default['rsyslog']['server_search']             = 'role:loghost'
default['rsyslog']['remote_logs']               = true
default['rsyslog']['per_host_dir']              = '%$YEAR%/%$MONTH%/%$DAY%/%HOSTNAME%'
default['rsyslog']['max_message_size']          = '2k'
default['rsyslog']['preserve_fqdn']             = 'off'
default['rsyslog']['high_precision_timestamps'] = false
default['rsyslog']['repeated_msg_reduction']    = 'on'
default['rsyslog']['logs_to_forward']           = '*.*'
Dan Buch's avatar
Dan Buch committed
40
41
default['rsyslog']['enable_imklog']             = true
default['rsyslog']['config_prefix']             = '/etc'
Mihai Petracovici's avatar
Mihai Petracovici committed
42
default['rsyslog']['default_file_template']     = nil
43
default['rsyslog']['default_remote_template']   = nil
44
45
default['rsyslog']['rate_limit_interval']       = nil
default['rsyslog']['rate_limit_burst']          = nil
46
default['rsyslog']['enable_tls']                = false
47
default['rsyslog']['tls_driver']                = 'ossl'
48
default['rsyslog']['action_queue_max_disk_space'] = '1G'
49
50
51
52
default['rsyslog']['tls_ca_file']               = nil
default['rsyslog']['tls_certificate_file']      = nil
default['rsyslog']['tls_key_file']              = nil
default['rsyslog']['tls_auth_mode']             = 'anon'
Jennifer Davis's avatar
Jennifer Davis committed
53
default['rsyslog']['tls_permitted_peer']        = nil
54
default['rsyslog']['use_local_ipv4']            = false
Josh Dolitsky's avatar
Josh Dolitsky committed
55
default['rsyslog']['allow_non_local']           = false
56
default['rsyslog']['custom_remote']             = []
57
58
default['rsyslog']['additional_directives']     = {}
default['rsyslog']['templates']                 = %w()
59
default['rsyslog']['default_conf_file']         = true
60
61
default['rsyslog']['server_per_host_template']  = '35-server-per-host.conf.erb'
default['rsyslog']['server_per_host_cookbook']  = 'rsyslog'
Jeff Blaine's avatar
Jeff Blaine committed
62
63

# The most likely platform-specific attributes
Aivaras Laimikis's avatar
Aivaras Laimikis committed
64
default['rsyslog']['package_name']              = 'rsyslog'
65
66
67
68
default['rsyslog']['service_name']              = 'rsyslog'
default['rsyslog']['user']                      = 'root'
default['rsyslog']['group']                     = 'adm'
default['rsyslog']['priv_seperation']           = false
69
70
default['rsyslog']['priv_user']                 = nil
default['rsyslog']['priv_group']                = nil
Dan Buch's avatar
Dan Buch committed
71
default['rsyslog']['modules']                   = %w(imuxsock imklog)
72
73
74
75
76
default['rsyslog']['file_create_mode']          = '0640'
default['rsyslog']['dir_create_mode']           = '0755'
default['rsyslog']['umask']                     = '0022'
default['rsyslog']['dir_owner']                 = 'root'
default['rsyslog']['dir_group']                 = 'adm'
77
78
79
default['rsyslog']['config_files']['owner']     = 'root'
default['rsyslog']['config_files']['group']     = 'root'
default['rsyslog']['config_files']['mode']      = '0644'
80
default['rsyslog']['config_dir']['mode']        = '0755'
81

82
83
84
# platform specific attributes
case node['platform']
when 'ubuntu'
Tim Smith's avatar
Tim Smith committed
85
  default['rsyslog']['user'] = 'syslog'
Alex Markelov's avatar
Alex Markelov committed
86
  default['rsyslog']['dir_owner'] = 'syslog'
Tim Smith's avatar
Tim Smith committed
87
88
89
  default['rsyslog']['group'] = 'adm'
  default['rsyslog']['priv_seperation'] = true
  default['rsyslog']['priv_group'] = 'syslog'
90
91
when 'smartos'
  default['rsyslog']['config_prefix'] = '/opt/local/etc'
Lance Albertson's avatar
Lance Albertson committed
92
  # NOTE: remove imudp and imtcp since there are no default listeners on SmartOS
93
  default['rsyslog']['modules'] = %w(immark imsolaris)
94
95
96
97
98
99
100
  default['rsyslog']['group'] = 'root'
when 'omnios'
  default['rsyslog']['service_name'] = 'system/rsyslogd'
  default['rsyslog']['modules'] = %w(immark imsolaris imtcp imudp)
  default['rsyslog']['group'] = 'root'
end

101
# platform family specific attributes
102
case node['platform_family']
103
104
105
106
107
108
109
110
111
112
113
114
when 'smartos'
  # These defaults match what is shipped in the pkgsrc rsyslog package
  default['rsyslog']['default_facility_logs'] = {
    '*.alert;kern.err;daemon.err' => ':omusrmsg:operator',
    '*.alert' => ':omusrmsg:root',
    '*.emerg' => ':omusrmsg:*',
    '*.err;kern.notice;auth.notice' => '/dev/sysmsg',
    '*.err;kern.debug;daemon.notice;mail.crit' => '/var/adm/messages',
    'mail.debug' => "#{node['rsyslog']['default_log_dir']}/syslog",
    'mail.info' => "#{node['rsyslog']['default_log_dir']}/maillog",
    'auth.info' => "#{node['rsyslog']['default_log_dir']}/authlog",
  }
115
116
117
when 'suse'
  default['rsyslog']['service_name'] = 'syslog'
  default['rsyslog']['group'] = 'root'
Tim Smith's avatar
Tim Smith committed
118
  default['rsyslog']['dir_group'] = 'trusted'
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
  default['rsyslog']['default_facility_logs'] = {
    '*.emerg' => ':omusrmsg:*',
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log",
    'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info",
    'mail.warning' => "-#{node['rsyslog']['default_log_dir']}/mail.warn",
    'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err",
    'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit",
    'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err",
    'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice",
    '*.=warning;*.=err' => "-#{node['rsyslog']['default_log_dir']}/warn",
    '*.crit' => "#{node['rsyslog']['default_log_dir']}/warn",
    '*.*;mail.none;news.none' => "#{node['rsyslog']['default_log_dir']}/messages",
    'local0.*;local1.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
    'local2.*;local3.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
    'local4.*;local5.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
Tim Smith's avatar
Tim Smith committed
134
    'local6.*;local7.*' => "-#{node['rsyslog']['default_log_dir']}/localmessages",
135
  }
Tim Smith's avatar
Tim Smith committed
136
when 'rhel', 'fedora', 'amazon'
137
  default['rsyslog']['working_dir'] = '/var/lib/rsyslog'
138
139
140
  # format { facility => destination }
  default['rsyslog']['default_facility_logs'] = {
    '*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages",
141
    'authpriv.*' => "#{node['rsyslog']['default_log_dir']}/secure",
142
143
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog",
    'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron",
144
    '*.emerg' => ':omusrmsg:*',
145
    'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler",
Tim Smith's avatar
Tim Smith committed
146
    'local7.*' => "#{node['rsyslog']['default_log_dir']}/boot.log",
147
  }
Lance Albertson's avatar
Lance Albertson committed
148
149
  default['rsyslog']['modules'] = %w(imuxsock imjournal)
  default['rsyslog']['additional_directives'] = { 'OmitLocalLogging' => 'on', 'IMJournalStateFile' => 'imjournal.state' }
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
else
  # format { facility => destination }
  default['rsyslog']['default_facility_logs'] = {
    'auth,authpriv.*' => "#{node['rsyslog']['default_log_dir']}/auth.log",
    '*.*;auth,authpriv.none' => "-#{node['rsyslog']['default_log_dir']}/syslog",
    'daemon.*' => "-#{node['rsyslog']['default_log_dir']}/daemon.log",
    'kern.*' => "-#{node['rsyslog']['default_log_dir']}/kern.log",
    'mail.*' => "-#{node['rsyslog']['default_log_dir']}/mail.log",
    'user.*' => "-#{node['rsyslog']['default_log_dir']}/user.log",
    'mail.info' => "-#{node['rsyslog']['default_log_dir']}/mail.info",
    'mail.warn' => "-#{node['rsyslog']['default_log_dir']}/mail.warn",
    'mail.err' => "#{node['rsyslog']['default_log_dir']}/mail.err",
    'news.crit' => "#{node['rsyslog']['default_log_dir']}/news/news.crit",
    'news.err' => "#{node['rsyslog']['default_log_dir']}/news/news.err",
    'news.notice' => "-#{node['rsyslog']['default_log_dir']}/news/news.notice",
    '*.=debug;auth,authpriv.none;news.none;mail.none' => "-#{node['rsyslog']['default_log_dir']}/debug",
    '*.=info;*.=notice;*.=warn;auth,authpriv.none;cron,daemon.none;mail,news.none' => "-#{node['rsyslog']['default_log_dir']}/messages",
Tim Smith's avatar
Tim Smith committed
167
    '*.emerg' => ':omusrmsg:*',
168
169
  }
end