sous-chefs / rsyslog Goto Github PK
View Code? Open in Web Editor NEWDevelopment repository for the rsyslog cookbook
Home Page: https://supermarket.chef.io/cookbooks/rsyslog
License: Apache License 2.0
Development repository for the rsyslog cookbook
Home Page: https://supermarket.chef.io/cookbooks/rsyslog
License: Apache License 2.0
4.0.0
12.x
Ubuntu 14.04
Tried to use cookbook, ended up with full disk
Use cookbook. Observe lack of rotation policy for added cookbooks.
rsyslog should add rotation policy for any logs it adds
Used cookbook with defaults. It adds, among others, boot.log, but doesn't add a rotation policy for the log file. In our case, due to a misbehaving app (or mis-logging app) boot.log grew to over 13G, and along with other log files, filled the disk. I confirmed that boot.log is not in the Ubuntu rsyslog package, so it is being added by this cookbook. The rsyslog package does define rotation policy for any logs that are in its default config.
5.0.1
12.9.41
rhel6.8
Attempting to set the Umask, FileCreateMode, DirCreateMode, DirOwner, DirGroup, Template directives. However Umask, FileCreateMode, DirCreateMode are hardcoded values in the rsyslog.conf.erb and DirOwner, DirGroup, Template do not exist as available attributes.
(Not a bug just missing functionality)
Open the rsyslog.conf.erb and note that lines 92, 93, 94 are hardcoded values preventing the user from changing them.
Also note that the attributes/default.rb is missing attributes for Umask, FileCreateMode, DirCreateMode, DirOwner, DirGroup, Template directives
The new functionality that allows you to select the rsyslog TLS driver via the default['rsyslog']['tls_driver'] = 'ossl'
attribute broke runs on RHEL7. This is because the rsyslog-openssl package is not available on that platform and the default is set to use openssl; RHEL/CentOS uses only the gnutls rsyslog implementation.
v7.4.0
Still on 14.13.11 :(
RHEL7. Also present on RHEL8
Steps to reproduce the behavior:
Run the recipe on RHEL7/Centos7 with tls enabled and all other attributes default.
The recipe run completes
It may be useful to have a test case for TLS on/off in the kitchen suite for this cookbook. Would have caught this bug.
6.0.7
Chef Workstation version: 0.9.42
Chef Infra Client version: 15.3.14
Chef InSpec version: 4.16.0
Chef CLI version: 1.0.16
Test Kitchen version: 2.3.3
Cookstyle version: 5.6.2
Fedora 30, Travis-CI
Trying to run the spec tests locally and on Travis-CI. On both platforms the tests.
Locally: Download repo, run chef exec rspec
.
Travis-CI: Push to master branch
Passing tests.
Locally: Test fails due fauhaix issues with old/not supported operating systems (SmartOS and OmniOS).
Travis-CI: Chef License Issue.
I'd like to be able to configure net.enableDNS
and net.aclResolveHostname
. These seem to only be supported by Rainer script (or command line switches), not the "legacy" format that this cookbook uses. Is this possible?
In Ubuntu >= 11.04 the cookbook correctly sets the user to syslog but the log_dir directory always has owner root with mode 0755. In such cases rsyslog can't write any log file. Maybe the log_dir
directory resource should use node['rsyslog']['user']
as the owner.
Thank for taking the time to fill this bug report fully. Without it we may not be able to fix the bug, and the issue may be closed without resolution.
centos6 is loding imjournal and OmitLocalLogging which breaks local logging. IE logger.
9.0.0
15.10.12.
centos 6.10
Steps to reproduce the behavior:
converge on el6
imjournal not to be used as there is no journal, OmitLocalLogging should not be enabled.
Add any other context about the problem here. e.g. related issues or existing pull requests.
4.0.1
12.18.30
CentOS 5.11
I have a cookbook that gets the packages for the latest version of rsyslogd. So even though I'm running CentOS 5.11, I have rsyslogd version 8.
However, this code isn't detecting if rsyslog can use :omusrmsg:*
and is instead checking only the OSes.
rsyslogd v8 doesn't support *
, which causes the -N1
check to fail and logging not to be sent to users.
There was a changelog entry for cookbook v2.1.0 that implied it was checking the rsyslogd version, but that doesn't seem to be the case:
Change emerg to log to :omusrmsg:_ vs. _ on modern rsyslog releases to avoid deprecation warnings
In a CentOS 5.11 box, add the official rsyslogd yum repository and install rsyslog 8.
I keep getting lines like this my 49-remote.conf
file when using rsyslog::client
:
*.* :omrelp:{"server"=>"10.0.10.10", "port"=>514, "logs"=>"*.*", "protocol"=>"tcp", "remote_template"=>"RSYSLOG_ForwardFormat"}:20514;RSYSLOG_ForwardFormat
The bit in the {...}
characters seems to be the ruby expression of rsyslog_servers
in version 2.2.0.
Rolling back to 2.1.0 fixes this problem.
When I am doing kitchen converge I am getting following error. I am running this on Windows Docker Desktop and using dokken centos72 image.
undefined method `platform_version' for #Chef::Node::Attribute:0x0000000004678a00
/opt/kitchen/cache/cookbooks/rsyslog/attributes/default.rb:47:in `from_file'
/opt/kitchen/cache/cookbooks/rsyslog/attributes/default.rb:
40: default['rsyslog']['enable_imklog'] = true
41: default['rsyslog']['config_prefix'] = '/etc'
42: default['rsyslog']['default_file_template'] = nil
43: default['rsyslog']['default_remote_template'] = nil
44: default['rsyslog']['rate_limit_interval'] = nil
45: default['rsyslog']['rate_limit_burst'] = nil
46: default['rsyslog']['enable_tls'] = false
47>> default['rsyslog']['tls_driver'] = if platform_family?('rhel') && platform_version.to_i == 7
48: 'gtls'
49: else
50: 'ossl'
51: end
52: default['rsyslog']['action_queue_max_disk_space'] = '1G'
53: default['rsyslog']['tls_ca_file'] = nil
54: default['rsyslog']['tls_certificate_file'] = nil
55: default['rsyslog']['tls_key_file'] = nil
56: default['rsyslog']['tls_auth_mode'] = 'anon'
chef_version=15.7.32
platform=centos
platform_version=7.9.2009
ruby=ruby 2.6.5p114 (2019-10-01 revision 67812) [x86_64-linux]
program_name=/opt/chef/embedded/bin/chef-client
executable=/opt/chef/embedded/bin/chef-client
Running handlers:
[2022-08-25T06:34:50+00:00] ERROR: Running exception handlers
Running handlers complete
[2022-08-25T06:34:50+00:00] ERROR: Exception handlers complete
Chef Infra Client failed. 0 resources updated in 01 seconds
[2022-08-25T06:34:50+00:00] FATAL: Stacktrace dumped to /opt/kitchen/cache/chef-stacktrace.out
[2022-08-25T06:34:50+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2022-08-25T06:34:50+00:00] FATAL: NoMethodError: undefined method `platform_version' for #Chef::Node::Attribute:0x0000000004678a00
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
This repository currently has no open or pending branches.
.github/workflows/ci.yml
sous-chefs/.github 3.1.1
actions/checkout v4
actionshub/chef-install 3.0.0
actionshub/test-kitchen 3.0.0
.github/workflows/stale.yml
actions/stale v9
I can't send a pull request because there is no branch for version 3.0.0, but there is a bug in resources/file_input.rb
I've fix this porting the code from version 2, but it is also fixed in the master branch in a different way.
diff --git a/resources/file_input.rb b/resources/file_input.rb
index a52b2c0..f551300 100644
--- a/resources/file_input.rb
+++ b/resources/file_input.rb
@@ -27,15 +27,15 @@ property :cookbook_source, String, default: 'rsyslog'
property :template_source, String, default: 'file-input.conf.erb'
action :create do
- template "/etc/rsyslog.d/#{priority}-#{new_resource.name}.conf" do
+ template "/etc/rsyslog.d/#{priority}-#{name}.conf" do
mode '0664'
owner node['rsyslog']['user']
group node['rsyslog']['group']
source template_source
cookbook cookbook_source
variables 'file_name' => file,
- 'tag' => new_resource.name,
- 'state_file' => new_resource.name,
+ 'tag' => name,
+ 'state_file' => name,
'severity' => severity,
'facility' => facility
Note: this worked two weeks ago when I bootstrapped a different server, so I'm really not sure what's changed.
With both chef-12.0.3 and 12.1.1 bootstraps, and rsyslog 1.12.2 (which is what papertrail-rsyslog currently seems to pull in), I see the following error:
================================================================================
ec2-54-175-212-9.compute-1.amazonaws.com Error executing action `install` on resource 'yum_package[rsyslog]'
ec2-54-175-212-9.compute-1.amazonaws.com ================================================================================
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com Mixlib::ShellOut::ShellCommandFailed
ec2-54-175-212-9.compute-1.amazonaws.com ------------------------------------
ec2-54-175-212-9.compute-1.amazonaws.com Expected process to exit with [0], but received '1'
ec2-54-175-212-9.compute-1.amazonaws.com ---- Begin output of /usr/bin/python /opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py --options --installed-provides --yum-lock-timeout 30 ----
ec2-54-175-212-9.compute-1.amazonaws.com STDOUT:
ec2-54-175-212-9.compute-1.amazonaws.com STDERR: Traceback (most recent call last):
ec2-54-175-212-9.compute-1.amazonaws.com File "/opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py", line 36, in <module>
ec2-54-175-212-9.compute-1.amazonaws.com import yum
ec2-54-175-212-9.compute-1.amazonaws.com ImportError: No module named yum
ec2-54-175-212-9.compute-1.amazonaws.com ---- End output of /usr/bin/python /opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py --options --installed-provides --yum-lock-timeout 30 ----
ec2-54-175-212-9.compute-1.amazonaws.com Ran /usr/bin/python /opt/chef/embedded/apps/chef/lib/chef/provider/package/yum-dump.py --options --installed-provides --yum-lock-timeout 30 returned 1
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com Resource Declaration:
ec2-54-175-212-9.compute-1.amazonaws.com ---------------------
ec2-54-175-212-9.compute-1.amazonaws.com # In /var/chef/cache/cookbooks/rsyslog/recipes/default.rb
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com 20: package 'rsyslog'
ec2-54-175-212-9.compute-1.amazonaws.com 21: package 'rsyslog-relp' if node['rsyslog']['use_relp']
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com Compiled Resource:
ec2-54-175-212-9.compute-1.amazonaws.com ------------------
ec2-54-175-212-9.compute-1.amazonaws.com # Declared in /var/chef/cache/cookbooks/rsyslog/recipes/default.rb:20:in `from_file'
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com yum_package("rsyslog") do
ec2-54-175-212-9.compute-1.amazonaws.com action :install
ec2-54-175-212-9.compute-1.amazonaws.com retries 0
ec2-54-175-212-9.compute-1.amazonaws.com retry_delay 2
ec2-54-175-212-9.compute-1.amazonaws.com default_guard_interpreter :default
ec2-54-175-212-9.compute-1.amazonaws.com package_name "rsyslog"
ec2-54-175-212-9.compute-1.amazonaws.com timeout 900
ec2-54-175-212-9.compute-1.amazonaws.com flush_cache {:before=>false, :after=>false}
ec2-54-175-212-9.compute-1.amazonaws.com declared_type :package
ec2-54-175-212-9.compute-1.amazonaws.com cookbook_name "rsyslog"
ec2-54-175-212-9.compute-1.amazonaws.com recipe_name "default"
ec2-54-175-212-9.compute-1.amazonaws.com end
ec2-54-175-212-9.compute-1.amazonaws.com
ec2-54-175-212-9.compute-1.amazonaws.com Recipe: chef-client::init_service
ec2-54-175-212-9.compute-1.amazonaws.com * service[chef-client] action restart
ec2-54-175-212-9.compute-1.amazonaws.com - restart service service[chef-client]
I am using the file_input provider and I keep getting this error not he notify restart:
had an error: Chef::Exceptions::ResourceNotFound: Cannot find a resource matching service[rsyslog] (did you define it first?)
/var/lib/aws/opsworks/cache.stage2/cookbooks/rsyslog/providers/file_input.rb:31:in `block (2 levels) in class_from_file'
/var/lib/aws/opsworks/cache.stage2/cookbooks/rsyslog/providers/file_input.rb:20:in `block in class_from_file'
Ran in to an issue where haproxy was not logging to /var/log/haproxy.log
as expected. Looked to be an issue with rsyslog's permissions as manually creating the file allowed logging to occur.
This cookbook generates an /etc/rsyslog.conf
with these permissions on Ubuntu:
#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup adm
Looking at the default ubuntu test kitchen boxes before this cookbook runs I found they all contained:
#
# Set the default permissions for all log files.
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog
Thinking to fix this the privledge dropping user & group should be separate attributes, and make them syslog:syslog
for Ubuntu?
We have a very prescriptive search setup in the client cookbook that probably doesn't work for anyone and leads to frustration (did for me in previous jobs at least). We should remove this as users should instead handle search themselves and populate the attributes with the search results.
The resource in the rsyslog cookbook should declare unified_mode true
at 1 location:
- /var/chef/cache/cookbooks/rsyslog/resources/file_input.rb
See https://docs.chef.io/deprecations_unified_mode/ for further details.
Hi,
The custom_remote won't work unless you use an override attribute because the default set in the cookbook will get merged and node['rsyslog']['custom_remote'].first.empty?
will allays be true.
PR #121 fixes this.
Some versions of rsyslogd will consume all host memory if $MaxMessageSize is set to anything. Eliminating this directive eliminates the problem. The current cookbook attribute/template combination doesn't allow specifying that you don't want this directive at all in your configuration.
8.x and 9.x
version 14.x through 16.x
Solaris 11.3 with rsyslogd v8.4.2 provided by Oracle via IPS
Steps to reproduce the behavior:
system/rsyslog
IPS package on any Solaris 11.3 system$MaxMessageSize
with any value > 1024 or 1k in /etc/rsyslog.confimsolaris
input module that comes with rsysloglogger
commandExpected setting the attribute node['rsyslog']['max_message_size']
to nil
or false
would cause the template for /etc/rsyslog.conf
to just not include this directive in the config file.
At present, specifying nil
just generates this into /etc/rsyslog.conf
$MaxMessageSize
Specifying false
generates this:
$MaxMessageSize false
Will be including PR shortly.
Adding
execute "chcon" do
command "chcon system_u:object_r:var_log_t:s0 node['rsyslog']['log_dir']"
action :run
end
Right after creating the directory would be easiest.
The cookbook incorrectly changes the owner on /var/spool/rsyslog when running on precise.
The existing privs are the correct ones laid down by the package.
I've recently come across a situation where I needed to install rsyslog 8.13.0 and unfortunately had to do it from scratch because this cookbook didn't have that option. Also, having the ability to specify --configure
parameters would be useful especially when you want to enable non-standard plugins such as omhiredis.
6.0.4
12.22.5
Amazon Linux release 2 (2017.12) LTS Release Candidate
Using the rsyslog cookbook in default trim on Amazon linux fails to provide a valid configuration.
Include the rsyslog cookbook via recipe in a wrapper cookbook. eg. include_recipe 'rsyslog'
rsyslog installs cleanly with a working configuration
amazon-ebs: [2018-07-03T23:44:15+00:00] INFO: template[/etc/rsyslog.conf] sending run action to execute[validate_config] (delayed)
amazon-ebs: [2018-07-03T23:44:15+00:00] INFO: Processing execute[validate_config] action run (rsyslog::default line 40)
amazon-ebs:
amazon-ebs: ================================================================================
amazon-ebs: Error executing action `run` on resource 'execute[validate_config]'
amazon-ebs: ================================================================================
amazon-ebs:
amazon-ebs: Mixlib::ShellOut::ShellCommandFailed
amazon-ebs: ------------------------------------
amazon-ebs: Expected process to exit with [0], but received '1'
amazon-ebs: ---- Begin output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: STDOUT:
amazon-ebs: STDERR: rsyslogd: version 8.24.0, config validation run (level 1), master config /etc/rsyslog.conf
amazon-ebs: rsyslogd: error during parsing file /etc/rsyslog.d/50-default.conf, on or before line 8: warnings occured in file '/etc/rsyslog.d/50-default.conf' around line 8 [v8.24.0 try http://www.rsyslog.com/e/2207 ] [0/1989]
amazon-ebs: ---- End output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: Ran rsyslogd -N 1 -f /etc/rsyslog.conf returned 1
amazon-ebs:
amazon-ebs: Resource Declaration:
amazon-ebs: ---------------------
amazon-ebs: # In /tmp/packer-chef-solo/local-mode-cache/cache/cookbooks/rsyslog/recipes/default.rb
amazon-ebs:
amazon-ebs: 40: execute 'validate_config' do
amazon-ebs: 41: command "rsyslogd -N 1 -f #{node['rsyslog']['config_prefix']}/rsyslog.conf"
amazon-ebs: 42: action :nothing
amazon-ebs: 43: end
amazon-ebs: 44:
amazon-ebs:
amazon-ebs: Compiled Resource:
amazon-ebs: ------------------
amazon-ebs: # Declared in /tmp/packer-chef-solo/local-mode-cache/cache/cookbooks/rsyslog/recipes/default.rb:40:in `from_file'
amazon-ebs:
amazon-ebs: execute("validate_config") do
amazon-ebs: action [:nothing]
amazon-ebs: retries 0
amazon-ebs: retry_delay 2
amazon-ebs: default_guard_interpreter :execute
amazon-ebs: command "rsyslogd -N 1 -f /etc/rsyslog.conf"
amazon-ebs: backup 5
amazon-ebs: returns 0
amazon-ebs: user nil
amazon-ebs: declared_type :execute
amazon-ebs: cookbook_name "rsyslog"
amazon-ebs: recipe_name "default"
amazon-ebs: end
amazon-ebs:
amazon-ebs: System Info:
amazon-ebs: ------------
amazon-ebs: chef_version=12.22.5
amazon-ebs: platform=amazon
amazon-ebs: platform_version=2
amazon-ebs: ruby=ruby 2.3.6p384 (2017-12-14 revision 61254) [x86_64-linux]
amazon-ebs: program_name=chef-solo worker: ppid=11910;start=23:39:40;
amazon-ebs: executable=/opt/chef/bin/chef-solo
amazon-ebs:
amazon-ebs: [2018-07-03T23:44:16+00:00] INFO: template[/etc/rsyslog.conf] sending restart action to service[rsyslog] (delayed)
amazon-ebs: [2018-07-03T23:44:16+00:00] INFO: Processing service[rsyslog] action restart (rsyslog::default line 94)
amazon-ebs: [2018-07-03T23:44:16+00:00] INFO: service[rsyslog] restarted
amazon-ebs: [2018-07-03T23:44:16+00:00] ERROR: Running exception handlers
amazon-ebs: [2018-07-03T23:44:16+00:00] ERROR: Exception handlers complete
amazon-ebs: [2018-07-03T23:44:16+00:00] FATAL: Stacktrace dumped to /tmp/packer-chef-solo/local-mode-cache/cache/chef-stacktrace.out
amazon-ebs: [2018-07-03T23:44:16+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
amazon-ebs: [2018-07-03T23:44:16+00:00] ERROR: execute[validate_config] (rsyslog::default line 40) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
amazon-ebs: ---- Begin output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: STDOUT:
amazon-ebs: STDERR: rsyslogd: version 8.24.0, config validation run (level 1), master config /etc/rsyslog.conf
amazon-ebs: rsyslogd: error during parsing file /etc/rsyslog.d/50-default.conf, on or before line 8: warnings occured in file '/etc/rsyslog.d/50-default.conf' around line 8 [v8.24.0 try http://www.rsyslog.com/e/2207 ]
amazon-ebs: ---- End output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
amazon-ebs: Ran rsyslogd -N 1 -f /etc/rsyslog.conf returned 1
amazon-ebs: [2018-07-03T23:44:16+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
It's time to remove the vast complexity of these recipes and just remove the chef-solo support. The cookbook supports Chef 12 only now and thus everyone has access to chef-zero.
4.0.1
12.15.19
Ubuntu 16.04 on AWS
Can't call the file_input
resource multiple times with the default template. The config test added in 4.0.1 will fail b/c imfile is included multiple times.
Create multiple ryslog_file_input
resources using the default template.
Successful converge.
[2016-11-02T21:03:43+00:00] ERROR: Exception handlers complete
ERROR: execute[validate_config] (rsyslog::default line 42) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
STDOUT:
rsyslogd: version 8.16.0, config validation run (level 1), master config /etc/rsyslog.conf
rsyslogd: module 'imfile' already in this config, cannot be added [v8.16.0 try http://www.rsyslog.com/e/2221 ]
rsyslogd: module 'imfile' already in this config, cannot be added [v8.16.0 try http://www.rsyslog.com/e/2221 ]
---- End output of rsyslogd -N 1 -f /etc/rsyslog.conf ----
Ran rsyslogd -N 1 -f /etc/rsyslog.conf returned 1
[2016-11-02T21:03:43+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
The input_file template included in the cookbook should not include imfile or should have some conditional logic to ensure it's only included in one of them. It might make sense to have a dedicated file in /etc/rsyslog.d
to include imfile
that is created anytime the ryslog_file_input
resource is used.
6.0.1
Feature request:
Add ability to install latest version of rsyslog or newer. We are trying to use an external yum repo to get a newer RPM, but the cookbook does not allow us to set it to latest
I'd like to support TCP and UDP concurrently in rsyslog.conf. An option for "both" could be added for node['rsyslog']['protocol'], but this attribute is used elsewhere in the client side configs. Perhaps a new attribute could be added such as node['rsyslog']['server_protocol'].
I could be missing something, but I don't see a way to specify the address to bind to.
http://www.rsyslog.com/doc/master/configuration/modules/imudp.html
Address
Default: *
Local IP address (or name) the UDP server should bind to. Use β*β to bind to all of the machineβs addresses.
Is there a way to do this, or are their plans to support this setting of rsyslog?
Like in most things, order matters within the rsyslog.conf - it would be swell if instead of a hash for the rsyslog.default_facility_logs and rsyslog.additional_directives it was an array of hashes, so that way line order could be easily specified.
{
"rsyslog": {
"default_facility_logs": [
{
"*.info": "/var/log/firstlog"
},
{
"*.info": "~"
},
{
"*.err": "/var/log/orderdoesntmatter1",
"*.debug": "/var/log/orderdoesntmatter2"
}
]
}
}
Within each array, a simple sort would/should be applied to ensure random array storage doesn't cause the file to be needlessly regenerated. So the template would end up looking like
<% node['rsyslog']['default_facility_logs'].each do |lines| %>
<% lines.sort.each do |key, value| %>
<%= key %> <%= value %>
<% end %>
<% end %>
This would grant people to slice, push, pop, etc entries the way they wanted.
The defaults could still be implemented as hash, just the first hash in the array
default['rsyslog']['default_facility_logs'] = [{
'*.info;mail.none;authpriv.none;cron.none' => "#{node['rsyslog']['default_log_dir']}/messages",
'authpriv.*' => "#{node['rsyslog']['default_log_dir']}/secure",
'mail.*' => "-#{node['rsyslog']['default_log_dir']}/maillog",
'cron.*' => "#{node['rsyslog']['default_log_dir']}/cron",
'*.emerg' => ':omusrmsg:*',
'uucp,news.crit' => "#{node['rsyslog']['default_log_dir']}/spooler",
'local7.*' => "#{node['rsyslog']['default_log_dir']}/boot.log"
}]
There's currently no way to set options like these
Would be useful to be able to override $DirCreateMode in 35-server-per-host.conf.erb
similar to rsyslog.conf.erb
Here's the override in rsyslog.conf
https://github.com/chef-cookbooks/rsyslog/blob/master/templates/default/rsyslog.conf.erb#L104
Is it possible to do the same for 35-server-per-host.conf.erb
?
$DirCreateMode <%= node['rsyslog']['dir_create_mode'] %>
Using this cookbook (v7.0.1
) with Chef (16.5.77
), I get the undesired behavior of NGINX logs getting logged twice in syslog
and messages
because the way the 35-server-per-host.conf.erb template is written.
According to NGINX docs, by default the severity
is set as info
, and in the 35-server-per-host.conf.erb template we can find that:
$template PerHostSyslog,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/syslog"
...
$template PerHostMessages,"<%= node['rsyslog']['log_dir'] %>/<%= node['rsyslog']['per_host_dir'] %>/messages"
...
*.*;auth,authpriv.none -?PerHostSyslog
...
*.=info;*.=notice;*.=warn;\
auth,authpriv.none;\
cron,daemon.none;\
mail,news.none -?PerHostMessages
so it matches both PerHostSyslog and PerHostMessages templates.
I've found a workaround in NGINX, which is set the severity
to crit
so it gets only logged in syslog
, but I don't really know if this is OK (my experience with rsyslog
and syslog
is very limited).
Would it be possible that the server.rb recipe had the source
property set via attribute so we can tune it to match our specific needs? E.g:
diff --git a/recipes/server.rb b/recipes/server.rb
index 7ea0e53..0eeb0bc 100644
--- a/recipes/server.rb
+++ b/recipes/server.rb
@@ -30,7 +30,7 @@ directory node['rsyslog']['log_dir'] do
end
template "#{node['rsyslog']['config_prefix']}/rsyslog.d/35-server-per-host.conf" do
- source '35-server-per-host.conf.erb'
+ source node['rsyslog']['server-per-host-template']
owner node['rsyslog']['config_files']['owner']
group node['rsyslog']['config_files']['group']
mode node['rsyslog']['config_files']['mode']
Currently the client recipe hard codes the number 49 for the position of the remote configuration. However in some cases it is useful to have a bigger gap between the remote and the 50-default. Or, to only send to remote after the default.
The number could be extracted to an attribute whose default value would be 49, thus not breaking anything, but allowing more flexibility in the position of the remote config.
1.15.0
12.18.31
CentOS 6.7
OpenStack
Removing default logs, such as the ones generated by sudo.
I've cleared the default['rsyslog']['default_facility_logs']
but I'm still getting logs from when I run sudo. I'd like to prevent that. Is there another place I'm missing?
To not have sudo or any logs besides the ones I explicitly specify to be sent over.
I'm still getting sudo and su logs and whatever else.
NoMethodError:
undefined method `action' for #Class:0x00000003339840 action provider
Not sure whether this lies with this cookbook or compat_resource, but I've had to lock down the version of compat_resource to get my build pipeline back in order. Appears there has been some work in this area relating to action in the compat_resource cookbook.
latest
11.16.2
amazon linux
using roles have a server change from including recipe "rsyslog::server" to including "rsyslog::client"
have two roles, one that includes recipe "rsyslog::server" and one that includes "rsyslog::client." If you switch from server to client role it will not work.
client recipe is run
client recipe starts to run but it immediately returns because the first line is:
return if node['rsyslog']['server']
this is because server.rb is using
node.normal['rsyslog']['server'] = true
this permanently sets that attribute on the node. so even if you start including the client recipe (and stop including server), the above setting persists and overrides the default of false. Why does this attribute have to be permanently applied to the server? Is there some reason, and if not it could be changed to
node.override['rsyslog']['server'] = true
Hello, I'm using this cookbook as part of Rackspace Private Cloud's Openstack installation. I've noticed that the rsyslog.conf that is set up by this cookbook sets the TCP port to 514. From what I can gather, port 514 should only be used for UDP, while ports 601 or 6514 should be used for TCP syslog traffic. I know this can be overridden easily, but I thought it may be something your team would like to explore.
Here's some references pointing to the port definitions:
6.0.8 + #152
chef-14.10.9-1.el7.x86_64
rpm -qf /etc/issue
centos-release-7-6.1810.2.el7.centos.x86_64
As rsyslog servers drop to 0 members in the list, the 49-remote.conf is not removed.
knife ssh testmonkey \
-- \
chef-client -W -o rsyslog::client \
-j '<(echo {\"rsyslog\":{\"custom_remote\":\[{\"server\":\"10.10.4.4\"}\]}})'
knife ssh testmonkey \
-- \
chef-client -W -o rsyslog::client
Remote.conf file should be removed to reflect empty forward-server list.
Nothing: file is not changed nor removed.
Using rsyslog 7.6.3 (wheezy-backports) on Debian throws a deprecation warning:
rsyslogd-2184: action '*' treated as ':omusrmsg:*' - please change syntax, '*' will not be supported in the future [try http://www.rsyslog.com/e/2184 ]
see: http://lists.adiscon.net/pipermail/rsyslog/2012-October/030845.html
and: https://github.com/opscode-cookbooks/rsyslog/blob/81252ccea0b7647c3692cdfc1cd7930e63430438/attributes/default.rb#L95
I'm an rsyslog noob, so I'm not sure if fixing this breaks older versions.
Cookbook supports multiple remote servers. But this is not implemented as should be. By documentation http://www.rsyslog.com/doc/v8-stable/tutorials/reliable_forwarding.html , when there is more than 1 remote server, client should create more queues with different names. So this part https://github.com/chef-cookbooks/rsyslog/blob/master/templates/default/49-remote.conf.erb is wrong, because here it is hardcoded that there is only 1 queue.
The File_input is missing the facility. It looks like it is missing an = sign like the other parameters.
This will prevent modifications from happening even when there is no real configuration change. Currently when I run the 50-default.conf.erb will change on almost every run due to different key order in the template. Sorting the keys will prevent this from happening.
6.0.1
12.19.36
We are using some custom rsyslog filters like this:
:msg, contains, "watcherout" /var/log/watcherout
We are doing that manually currently.
Is there any way to configure it and add the filter into rsyslog.conf
using this cookbook?
I noticed the most recent release, 4.0.1, was a patch release but added some new functionality - namely the config validation, tls_permitted_peer, and support for suse. According to semver and the contribution guidelines new functionality should be released in a minor version. As a consumer of community cookbooks I use the version numbering in my decision for how much scrutiny and testing to give to a release therefore it would be good if all releases followed semver.
The cookbook doesn't support different rsyslog package name other than "rsyslog", on Red Hat 5 and 6 you can choose different rsyslog versions (on main update repo) like "rsyslog" or "rsyslog7". So if you have different version https://github.com/chef-cookbooks/rsyslog/blob/master/recipes/client.rb will fail on install part. So I think cookbook should needs an attribute with package name.
Need ability to add server ip address over attributes for using recipe with chef-client --local-mode
6.0.7
14.10.9
CentOS 7
/etc/rsyslog.conf :
$DirOwner adm
$DirGroup adm
This doesn't match how the files are installed, however:
# rpm -qf /etc/rsyslog.conf --dump | grep /etc/rsyslog.conf
/etc/rsyslog.conf 3232 1540910955 452bf7d5aca09e7a24c303c5b33f8402c2c76893ed1f1bbbb9314f399f71c2bd 0100644 root root 1 0 0 X
(the second 'root' is the group)
RHELs typically chgrp everything as root in that tree.
(up to date)
Files are chgrped as adm.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.