25 lines
1021 B
YAML
25 lines
1021 B
YAML
---
|
|
- name: Add the syslog user to the adm group so it can read all the log files
|
|
user: name=syslog groups=adm
|
|
tags: [ 'rsyslog', 'logstash' ]
|
|
|
|
- name: Upgrade rsyslog and install the elasticsearch module
|
|
apt: pkg={{ item }} state={{ rsyslog_pkg_status }} update_cache=yes cache_valid_time=1800
|
|
with_items:
|
|
- rsyslog
|
|
- rsyslog-elasticsearch
|
|
tags: [ 'rsyslog', 'logstash' ]
|
|
|
|
- name: Add a rsyslog configuration to send logfiles data to a logstash collector or directly to elasticsearch
|
|
template: src=rsyslog-logstash.conf.j2 dest=/etc/rsyslog.d/90-rsyslog-logstash.conf owner=root group=root mode=0444
|
|
when: rsyslog_send_to_elasticsearch | bool
|
|
notify: Restart rsyslog
|
|
tags: [ 'rsyslog', 'logstash' ]
|
|
|
|
- name: Remove the rsyslog configuration to send logfiles data to a logstash collector or directly to elasticsearch
|
|
file: dest=/etc/rsyslog.d/90-rsyslog-logstash.conf state=absent
|
|
when: not rsyslog_send_to_elasticsearch | bool
|
|
notify: Restart rsyslog
|
|
tags: [ 'rsyslog', 'logstash' ]
|
|
|