mirror of
https://github.com/valitydev/salt.git
synced 2024-11-08 09:23:56 +00:00
370 lines
7.8 KiB
ReStructuredText
370 lines
7.8 KiB
ReStructuredText
.. syslog_ng-sate-usage:
|
|
|
|
Syslog-ng usage
|
|
===============
|
|
|
|
The syslog\_ng state modul is to generate syslog-ng
|
|
configurations. You can do the following things:
|
|
|
|
- generate syslog-ng configuration from YAML,
|
|
- use non-YAML configuration,
|
|
- start, stop or reload syslog-ng.
|
|
|
|
There is also an execution module, which can check the syntax of the
|
|
configuration, get the version and other information about syslog-ng.
|
|
|
|
Configuration
|
|
-------------
|
|
|
|
The following configuration is an example, how a complete syslog-ng
|
|
state configuration looks like:
|
|
|
|
.. code-block:: yaml
|
|
|
|
# Set the location of the configuration file
|
|
"/home/tibi/install/syslog-ng/etc/syslog-ng.conf":
|
|
syslog_ng.set_config_file
|
|
|
|
# The syslog-ng and syslog-ng-ctl binaries are here. You needn't use
|
|
# this method if these binaries can be found in a directory in your PATH.
|
|
"/home/tibi/install/syslog-ng/sbin":
|
|
syslog_ng.set_binary_path
|
|
|
|
# Writes the first lines into the config file, also erases its previous
|
|
# content
|
|
"3.6":
|
|
syslog_ng.write_version
|
|
|
|
# Some global options
|
|
global_options:
|
|
syslog_ng.config:
|
|
- config:
|
|
options:
|
|
- time_reap: 30
|
|
- mark_freq: 10
|
|
- keep_hostname: "yes"
|
|
|
|
s_localhost:
|
|
syslog_ng.config:
|
|
- config:
|
|
source:
|
|
- tcp:
|
|
- ip: "127.0.0.1"
|
|
- port: 1233
|
|
|
|
d_log_server:
|
|
syslog_ng.config:
|
|
- config:
|
|
destination:
|
|
- tcp:
|
|
- "127.0.0.1"
|
|
- port: 1234
|
|
|
|
l_log_to_central_server:
|
|
syslog_ng.config:
|
|
- config:
|
|
log:
|
|
- source: s_localhost
|
|
- destination: d_log_server
|
|
|
|
some_comment:
|
|
syslog_ng.write_config:
|
|
- config: |
|
|
# Multi line
|
|
# comment
|
|
|
|
auto_start_or_reload:
|
|
{% set pids = salt["ps.pgrep"]("syslog-ng") %}
|
|
{% if pids == None or pids|length == 0 %}
|
|
syslog_ng.started:
|
|
- user: tibi
|
|
{% else %}
|
|
syslog_ng.reloaded
|
|
{% endif %}
|
|
|
|
#auto_stop:
|
|
# syslog_ng.stopped
|
|
|
|
The ``3.6``, ``s_devlog``, ``d_log_server``, etc. are identifiers. The
|
|
second lines in each block are functions and their first parameter is
|
|
their id. The ``- config`` is the second named parameter of the
|
|
``syslog_ng.config`` function. This function can generate the syslog-ng
|
|
configuration from YAML. If the statement (source, destination, parser,
|
|
etc.) has a name, this function uses the id as the name, otherwise (log
|
|
statement) it's purpose is like a mandatory comment.
|
|
|
|
You can use ``set_binary_path`` to set the directory which contains the
|
|
syslog-ng and syslog-ng-ctl binaries. If this directory is in your PATH,
|
|
you dont't need to use this function.
|
|
|
|
Under ``auto_start_or_reload`` you can see a Jinja template. If
|
|
syslog-ng isn't running it will start it, otherwise reload it. It uses
|
|
the process name ``syslog-ng`` to determine its running state. I suggest
|
|
that you use ``service`` state if it's available on your system.
|
|
|
|
After execution this example the syslog\_ng state will generate this
|
|
file:
|
|
|
|
.. code-block:: text
|
|
|
|
#Generated by Salt on 2014-06-19 16:53:11
|
|
@version: 3.6
|
|
|
|
options {
|
|
time_reap(30);
|
|
mark_freq(10);
|
|
keep_hostname(yes);
|
|
};
|
|
|
|
source s_localhost {
|
|
tcp(
|
|
ip("127.0.0.1"),
|
|
port(1233)
|
|
);
|
|
};
|
|
|
|
destination d_log_server {
|
|
tcp(
|
|
"127.0.0.1",
|
|
port(1234)
|
|
);
|
|
};
|
|
|
|
log {
|
|
source(s_localhost);
|
|
destination(d_log_server);
|
|
};
|
|
|
|
# Multi line
|
|
# comment
|
|
|
|
Users can include arbitrary texts in the generated configuration with
|
|
using the ``write_config`` function.
|
|
|
|
Examples
|
|
--------
|
|
|
|
Simple source
|
|
~~~~~~~~~~~~~
|
|
|
|
.. code-block:: text
|
|
|
|
source s_tail {
|
|
file(
|
|
"/var/log/apache/access.log",
|
|
follow_freq(1),
|
|
flags(no-parse, validate-utf8)
|
|
);
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
s_tail:
|
|
# Salt will call the source function of syslog_ng module
|
|
syslog_ng.config:
|
|
- config:
|
|
source:
|
|
- file:
|
|
- file: "/var/log/apache/access.log"
|
|
- follow_freq : 1
|
|
- flags:
|
|
- no-parse
|
|
- validate-utf8
|
|
|
|
OR
|
|
|
|
.. code-block:: yaml
|
|
|
|
s_tail:
|
|
syslog_ng.config:
|
|
- config:
|
|
source:
|
|
- file:
|
|
- "/var/log/apache/access.log"
|
|
- follow_freq : 1
|
|
- flags:
|
|
- no-parse
|
|
- validate-utf8
|
|
|
|
Complex source
|
|
~~~~~~~~~~~~~~
|
|
|
|
.. code-block:: text
|
|
|
|
source s_gsoc2014 {
|
|
tcp(
|
|
ip("0.0.0.0"),
|
|
port(1234),
|
|
flags(no-parse)
|
|
);
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
s_gsoc2014:
|
|
syslog_ng.config:
|
|
- config:
|
|
source:
|
|
- tcp:
|
|
- ip: 0.0.0.0
|
|
- port: 1234
|
|
- flags: no-parse
|
|
|
|
Filter
|
|
~~~~~~
|
|
|
|
.. code-block:: text
|
|
|
|
filter f_json {
|
|
match(
|
|
"@json:"
|
|
);
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
f_json:
|
|
syslog_ng.config:
|
|
- config:
|
|
filter:
|
|
- match:
|
|
- "@json:"
|
|
|
|
Template
|
|
~~~~~~~~
|
|
|
|
.. code-block:: text
|
|
|
|
template t_demo_filetemplate {
|
|
template(
|
|
"$ISODATE $HOST $MSG "
|
|
);
|
|
template_escape(
|
|
no
|
|
);
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
t_demo_filetemplate:
|
|
syslog_ng.config:
|
|
-config:
|
|
template:
|
|
- template:
|
|
- "$ISODATE $HOST $MSG\n"
|
|
- template_escape:
|
|
- "no"
|
|
|
|
Rewrite
|
|
~~~~~~~
|
|
|
|
.. code-block:: text
|
|
|
|
rewrite r_set_message_to_MESSAGE {
|
|
set(
|
|
"${.json.message}",
|
|
value("$MESSAGE")
|
|
);
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
r_set_message_to_MESSAGE:
|
|
syslog_ng.config:
|
|
- config:
|
|
rewrite:
|
|
- set:
|
|
- "${.json.message}"
|
|
- value : "$MESSAGE"
|
|
|
|
Global options
|
|
~~~~~~~~~~~~~~
|
|
|
|
.. code-block:: text
|
|
|
|
options {
|
|
time_reap(30);
|
|
mark_freq(10);
|
|
keep_hostname(yes);
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
global_options:
|
|
syslog_ng.config:
|
|
- config:
|
|
options:
|
|
- time_reap: 30
|
|
- mark_freq: 10
|
|
- keep_hostname: "yes"
|
|
|
|
Log
|
|
~~~
|
|
|
|
.. code-block:: text
|
|
|
|
log {
|
|
source(s_gsoc2014);
|
|
junction {
|
|
channel {
|
|
filter(f_json);
|
|
parser(p_json);
|
|
rewrite(r_set_json_tag);
|
|
rewrite(r_set_message_to_MESSAGE);
|
|
destination {
|
|
file(
|
|
"/tmp/json-input.log",
|
|
template(t_gsoc2014)
|
|
);
|
|
};
|
|
flags(final);
|
|
};
|
|
channel {
|
|
filter(f_not_json);
|
|
parser {
|
|
syslog-parser(
|
|
|
|
);
|
|
};
|
|
rewrite(r_set_syslog_tag);
|
|
flags(final);
|
|
};
|
|
};
|
|
destination {
|
|
file(
|
|
"/tmp/all.log",
|
|
template(t_gsoc2014)
|
|
);
|
|
};
|
|
};
|
|
|
|
.. code-block:: yaml
|
|
|
|
l_gsoc2014:
|
|
syslog_ng.config:
|
|
- config:
|
|
log:
|
|
- source: s_gsoc2014
|
|
- junction:
|
|
- channel:
|
|
- filter: f_json
|
|
- parser: p_json
|
|
- rewrite: r_set_json_tag
|
|
- rewrite: r_set_message_to_MESSAGE
|
|
- destination:
|
|
- file:
|
|
- "/tmp/json-input.log"
|
|
- template: t_gsoc2014
|
|
- flags: final
|
|
- channel:
|
|
- filter: f_not_json
|
|
- parser:
|
|
- syslog-parser: []
|
|
- rewrite: r_set_syslog_tag
|
|
- flags: final
|
|
- destination:
|
|
- file:
|
|
- "/tmp/all.log"
|
|
- template: t_gsoc2014
|
|
|