@@ -31,7 +31,7 @@ See `attributes/default.rb` for default values.
*`node['rsyslog']['protocol']` - Specify whether to use `udp` or `tcp` for remote loghost. Default is `tcp`. To use both specify both in a string e.g. 'udptcp'.
*`node['rsyslog']['bind']` - Specify the address to which the server should be listening; only use with `node['rsyslog']['protocol'] = 'udp'` because the feature does not work with the `tcp` protocol ([more info](http://www.rsyslog.com/doc/master/configuration/modules/imtcp.html#caveats-known-bugs)).
*`node['rsyslog']['port']` - Specify the port which rsyslog should connect to a remote loghost.
*`node['rsyslog']['remote_logs']` - Specify wether to send all logs to a remote server (client option). Default is `true`.
*`node['rsyslog']['remote_logs']` - Specify whether to send all logs to a remote server (client option). Default is `true`.
*`node['rsyslog']['per_host_dir']` - "PerHost" directories for template statements in `35-server-per-host.conf`. Default value is the previous cookbook version's value, to preserve compatibility. See __server__ recipe below.
*`node['rsyslog']['priv_seperation']` - Whether to use privilege separation or not.
*`node['rsyslog']['priv_user']` - User to run as when using privilege separation. Defult is `node['rsyslog']['user']`
...
...
@@ -48,6 +48,7 @@ See `attributes/default.rb` for default values.
*`node['rsyslog']['default_log_dir']` - log directory used in `50-default.conf` template, defaults to `/var/log`
*`node['rsyslog']['default_facility_logs']` - Hash containing log facilities and destinations used in `50-default.conf` template.
*`node['rsyslog']['default_file_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for local log files.
*`node['rsyslog']['default_remote_template']` - The name of a pre-defined log format template (ie - RSYSLOG_FileFormat), used for sending to remote servers.
*`node['rsyslog']['rate_limit_interval']` - Value of the $SystemLogRateLimitInterval configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.
*`node['rsyslog']['rate_limit_burst']` - Value of the $SystemLogRateLimitBurst configuration directive in `/etc/rsyslog.conf`. Default is nil, leaving it to the platform default.
*`node['rsyslog']['action_queue_max_disk_space']` - Max amount of disk space the disk-assisted queue is allowed to use ([more info](http://www.rsyslog.com/doc/queues.html)).
...
...
@@ -58,6 +59,7 @@ See `attributes/default.rb` for default values.
*`node['rsyslog']['tls_auth_mode']` - Value for `$InputTCPServerStreamDriverAuthMode`/`$ActionSendStreamDriverAuthMode`, determines whether client certs are validated. Defaults to `anon` (no validation).
*`node['rsyslog']['use_local_ipv4']` - Whether or not to make use the remote local IPv4 address on cloud systems when searching for servers (where available). Default is 'false'.
*`node['rsyslog']['allow_non_local']` - Whether or not to allow non-local messages. If 'false', incoming messages are only allowed from 127.0.0.1. Default is 'false'.
*`node['rsyslog']['custom_remote']` - Array of hashes for configuring custom remote server targets
*`node['rsyslog']['additional_directives']` - Hash of additional directives and their values to place in the main rsyslog config file
Recipes
...
...
@@ -70,6 +72,26 @@ Includes `recipe[rsyslog]`.
Uses `node['rsyslog']['server_ip']` or Chef search (in that precedence order) to determine the remote syslog server's IP address. If search is used, the search query will look for the first `ipaddress` returned from the criteria specified in `node['rsyslog']['server_search']`.
You can use `node['rsyslog']['custom_config']` to define custom entries for sending logs to remote servers.
Available attributes:
```
'server': Ip/hostname of remote syslog server (Required)
'port': Port to send logs to
'logs': Syslog log facilities to send (auth, authpriv, daemon, etc)
'protocol': Can be tcp or udp
'remote_template': Rsyslog template used for the messages
The server key is required; if other keys are left out, the default global values will be used (eg `node['rsyslog']['port']` will be used if 'port' is omitted)
If the node itself is a rsyslog server ie it has `rsyslog.server` set to true then the configuration is skipped.
If the node had an `/etc/rsyslog.d/35-server-per-host.conf` file previously configured, this file gets removed to prevent duplicate logging.