75 lines
2.6 KiB
YAML
75 lines
2.6 KiB
YAML
---
|
|
- name: rsyslog-configuration | Rsyslog custom rules
|
|
tags: rsyslog
|
|
block:
|
|
- name: rsyslog-configuration | Install custom rsyslog rules
|
|
ansible.builtin.template:
|
|
src: 10-custom_rules.conf.j2
|
|
dest: /etc/rsyslog.d/10-custom_rules.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0444"
|
|
when: default_rsyslog_custom_rules is defined
|
|
notify: Restart rsyslog
|
|
|
|
- name: rsyslog-configuration | Configure rsyslog so that it accepts logs from remote services
|
|
when: rsyslog_enable_remote_socket
|
|
tags: ['syslog', 'rsyslog', 'remote_syslog', 'rsyslog_conf']
|
|
block:
|
|
- name: rsyslog-configuration | Install the rsyslog configuration that enables the remote socket
|
|
ansible.builtin.template:
|
|
src: rsyslog-remote-socket.conf.j2
|
|
dest: /etc/rsyslog.d/10-rsyslog-remote-socket.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0444"
|
|
notify: Restart rsyslog
|
|
|
|
- name: rsyslog-configuration | Install a logrotate configuration for the logs from remote
|
|
ansible.builtin.template:
|
|
src: remote-logrotate.j2
|
|
dest: /etc/logrotate.d/rsyslog-remote
|
|
owner: root
|
|
group: root
|
|
mode: "0444"
|
|
notify: Restart rsyslog
|
|
|
|
- name: rsyslog-configuration | Configure rsyslog to send logs to a remote collector
|
|
when: rsyslog_enable_send_to_remote
|
|
tags: ['syslog', 'rsyslog', 'remote_syslog', 'rsyslog_conf']
|
|
block:
|
|
- name: rsyslog-configuration | Install the rsyslog client configuration
|
|
ansible.builtin.template:
|
|
src: rsyslog-send-to-remote.conf.j2
|
|
dest: /etc/rsyslog.d/10-rsyslog-send-to-remote.conf
|
|
owner: root
|
|
group: root
|
|
mode: "0444"
|
|
notify: Restart rsyslog
|
|
|
|
- name: rsyslog-configuration | Manage the logging into /var/log/syslog
|
|
when: ansible_distribution == "Ubuntu"
|
|
tags: ['syslog', 'rsyslog', 'rsyslog_log_syslog', 'rsyslog_conf']
|
|
block:
|
|
- name: rsyslog-configuration | Disable logging into /var/log/syslog
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/rsyslog.d/50-default.conf
|
|
regexp: '^*.*;auth,authpriv.none'
|
|
line: '*.*;auth,authpriv.none -/var/log/syslog'
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Restart rsyslog
|
|
when: rsyslog_disable_var_log_syslog
|
|
|
|
- name: rsyslog-configuration | Enable logging into /var/log/syslog
|
|
ansible.builtin.lineinfile:
|
|
path: /etc/rsyslog.d/50-default.conf
|
|
regexp: '^# *.*;auth,authpriv.none'
|
|
line: '*.*;auth,authpriv.none -/var/log/syslog'
|
|
owner: root
|
|
group: root
|
|
mode: "0644"
|
|
notify: Restart rsyslog
|
|
when: not rsyslog_disable_var_log_syslog
|