ansible_rsyslog_logzio

Ansible Role: rsyslog-logzio

An Ansible role to configure a CentOS 7 machine to send logs through rsyslog over TLS to logz.io. More documentation on the steps involved is here https://app.logz.io/#/dashboard/data-sources/rsyslog-overTLS.

TODO: Include more than one file to be sent in logz.io in the variable rsyslog_logzio_filepath.

Requirements

Selinux default configuration does not allow for rsyslog to forward meesages to a remote host. Adopt selinux policies or set it to permissive for this role to work in CentOS 7.

Role Variables

Main variables to define are described in defaults/main.yml. The easiest way to set your variables is to create a variable file in vars/logzio.yml with this content:

To get the API token use the Token variable from the General Setting site in Logz.io.

To get an idea on the logz.io types see here.

$ cat vars/logzio.yml
---
# defaults file for ansible-rsyslog-logzio
rsyslog_logzio_filepath: "FILE_TO_READ_FOR_LOGS"
rsyslog_logzio_type: "LOGZ_IO_TYPE"
rsyslog_logzio_api_token: "YOUR_API_CODE_HERE"

Include these variables in the playbook with the vars setting in the role. See below an example. Role will not work without these variables

Dependencies

No dependencies are needed from this role.

Example Playbook

This is a simple

- name: apply the logz.io rsyslog forwarder
  hosts:
    - all
  vars_files:
    - ./vars/logzio.yml
  roles:
    - { role: besmirzanaj.ansible_rsyslog_logzio } 

License

CC-BY-4.0

Author Information

This role was created in 2020 by Besmir Zanaj.

About

Ansible role to send /var/log/messages to logz.io over TLS

Install
ansible-galaxy install besmirzanaj/ansible-rsyslog-logzio
GitHub repository
License
Unknown
Downloads
2589
Owner
Sysadmin & Netsec by day.