buluma.rsyslog

Ansible Role rsyslog

This role helps you install and set up rsyslog on your system.

GitHub	Version	Issues	Pull Requests	Downloads

Example Playbook

Here's a simple playbook example from molecule/default/converge.yml. It is tested with every push, pull request, and release.

---
- name: Converge
  hosts: all
  become: true
  gather_facts: true

  roles:
    - role: buluma.rsyslog
      vars:
        rsyslog_traditional_file_format: false
        rsyslog_omit_local_logging: false

Before running the playbook, prepare your machine using this playbook from molecule/default/prepare.yml:

---
- name: Prepare
  hosts: all
  become: true
  gather_facts: false

  roles:
    - role: buluma.bootstrap

For more detailed instructions, check the full explanation and example on using these roles.

Role Variables

Default variable values are set in defaults/main.yml:

---
# defaults for rsyslog

# Set to true to configure a server to receive logs from other systems.
rsyslog_receiver: false

# If you want to forward logs to another server, set this to that server's hostname or IP.
# Not setting this variable means logs won't be forwarded.
# rsyslog_remote: server1.example.com

# If rsyslog_remote is set, this sets the pattern for which messages to send to the remote server.
# The default "*.*" sends all messages.
rsyslog_remote_selector: "*.*"

# If rsyslog_remote is set, use TCP if true; UDP if false.
rsyslog_remote_tcp: true

# The port to use when sending logs to the remote server.
rsyslog_remote_port: 514

# Set the permissions for new directories.
rsyslog_dircreatemode: "0700"

# Set the permissions for new log files.
rsyslog_filecreatemode: "0644"

# Define which modules are enabled.
rsyslog_mods:
  - imuxsock
  - imjournal

# Optionally configure rsyslog with a basic default setup (might conflict with custom setup).
rsyslog_deploy_default_config: true

# Default logging rules for various system logs.
rsyslog_default_rules:
  - { rule: '*.info;mail.none;authpriv.none;cron.none', logpath: '/var/log/messages' }
  - { rule: 'authpriv.*', logpath: '/var/log/secure' }
  - { rule: 'mail.*', logpath: '-/var/log/maillog' }
  - { rule: 'cron.*', logpath: '/var/log/cron' }
  - { rule: '*.emerg', logpath: ':omusrmsg:*' }
  - { rule: 'uucp,news.crit', logpath: '/var/log/spooler' }
  - { rule: 'local7.*', logpath: '/var/log/boot.log' }

# Choose the configuration file format for rsyslog; legacy is the default for compatibility.
rsyslog_config_file_format: legacy

# Specify the name of the additional rule file to add in /etc/rsyslog.d/.
# rsyslog_forward_rule_name: <to fill>

# Install the rsyslog package; use 'latest' for the newest version.
rsyslog_package_state: present

# Control whether to preserve full domain names in log entries.
rsyslog_preservefqdn: false

# Specify additional configuration files in /etc/rsyslog.d.
# Example:
# rsyslog_rsyslog_d_files:
#   000-splunk:
#     content: |
#       auth,authpriv.* action(type="omfwd"
#                              target="splunk"
#                              port="514"
#                              protocol="tcp")
rsyslog_rsyslog_d_files: []

# Workaround for logrotate-related issues.
rsyslog_workaroundjournalbug: false

# Disable local logging via the system log socket.
rsyslog_imuxsock_syssock: false

# Install additional rsyslog packages if needed.
# Example for installing rsyslog-elasticsearch:
# rsyslog_features:
#   - gnutls
#   - elastisearch
rsyslog_features: []

# Default location for the main rsyslog configuration file.
rsyslog_dest_conf_file: "/etc/rsyslog.conf"

# Enable or disable the option to omit local logging.
rsyslog_omit_local_logging: true

# Allow using the traditional file format for logs.
rsyslog_traditional_file_format: true