dev
diff --git a/rsyslog/common.sls b/rsyslog/common.sls
index 3611194..9aa108e 100644
--- a/rsyslog/common.sls
+++ b/rsyslog/common.sls
@@ -14,9 +14,9 @@
- require:
- pkg: rsyslog_packages
-/etc/rsyslog.d/10-default.conf:
+/etc/rsyslog.d/50-default.conf:
file.managed:
- - source: salt://rsyslog/files/10-default.conf
+ - source: salt://rsyslog/files/default.conf
- template: jinja
- mode: 0640
- require:
@@ -33,6 +33,8 @@
{{ output }}:
file.managed:
- mode: "{{ type['createmode'] }}"
+ - owner: {{ type['owner'] }}
+ - group: {{ type['group'] }}
- watch:
- file: /etc/rsyslog.conf
- watch_in:
diff --git a/rsyslog/files/10-default.conf b/rsyslog/files/10-default.conf
deleted file mode 100644
index db5f45b..0000000
--- a/rsyslog/files/10-default.conf
+++ /dev/null
@@ -1,8 +0,0 @@
-{%- from "rsyslog/map.jinja" import client,server with context -%}
-{% for output,type in server.output.file.iteritems() %}
-{{ output['filter'] }} {{ name }}
-$FileOwner: {{ output['owner'] }}
-$FileGroup: {{ output['group'] }}
-$FileCreateMode: "{{ output['createmode'] }}"
-$Umask: "{{ output['umask'] }}"
-{% endfor %}
diff --git a/rsyslog/files/default.conf b/rsyslog/files/default.conf
new file mode 100644
index 0000000..2824135
--- /dev/null
+++ b/rsyslog/files/default.conf
@@ -0,0 +1,28 @@
+{%- from "rsyslog/map.jinja" import client,server with context -%}
+{%- for name,config in server.output.file.iteritems() %}
+{% if config.owner is defined %}
+$FileOwner: {{ config['owner'] }}
+{% endif %}
+{% if config.group is defined %}
+$FileGroup: {{ config['group'] }}
+{% endif %}
+{% if config.createmode is defined %}
+$FileCreateMode: "{{ config['createmode'] }}"
+{% endif %}
+{% if config.umask is defined %}
+$Umask: "{{ config['umask'] }}"
+{% endif %}
+{{ config['filter'] }} {% if config.sync == true %}-{% endif %}{{ name }}
+{% endfor %}
+
+{% if server.output.console is defined %}
+{% for name,config in server.output.console.iteritems() %}
+{{ config['filter'] }} {{ config['action'] }}
+{% endfor %}
+{% endif %}
+
+{% if server.output.remote is defined %}
+{% for name,config in server.output.console.iteritems() %}
+{{ config['filter'] }} {{ config['action'] }}
+{% endfor %}
+{% endif %}
diff --git a/rsyslog/files/rsyslog.conf.Debian b/rsyslog/files/rsyslog.conf.Debian
index 3611f08..3017ba8 100644
--- a/rsyslog/files/rsyslog.conf.Debian
+++ b/rsyslog/files/rsyslog.conf.Debian
@@ -45,17 +45,6 @@
# Filter duplicated messages
$RepeatedMsgReduction on
-#
-# Set the default permissions for all log files.
-#
-{% for name, values in client.logfiles.iteritems() %}
-{{ values['filter'] }} {{ name }}
-$FileOwner: {{ values['owner'] }}
-$FileGroup: {{ values['group'] }}
-$FileCreateMode: "{{ values['createmode'] }}"
-$Umask: "{{ values['umask'] }}"
-{% endfor %}
-
$DirCreateMode 0755
$PrivDropToUser syslog
$PrivDropToGroup syslog
diff --git a/rsyslog/map.jinja b/rsyslog/map.jinja
index 7062f42..8495296 100644
--- a/rsyslog/map.jinja
+++ b/rsyslog/map.jinja
@@ -4,6 +4,7 @@
- rsyslog
service:
- rsyslogd
+ workdirectory: /var/spool/rsyslog
output:
file:
/var/log/syslog:
@@ -39,6 +40,7 @@
umask: "0022"
enable: true
/var/log/mail.err:
+ sync: false
action: /var/log/mail.err
filter: mail.err
owner: syslog
@@ -55,23 +57,62 @@
action: "|/dev/xconsole"
filter: "daemon.*;mail.*; news.err; *.=debug;*.=info;*.=notice;*.=warn"
enable: true
+ remote:
+ somehost.domain:
+ action: "@@remote-host:514"
+ filter: "*.*"
+ enable: false
RedHat:
pkgs:
- rsyslog
service:
- rsyslogd
- file:
- owner: root
- group: root
- createmode: "0640"
- umask: "0000"
- logfiles:
- - /var/log/messages
- - /var/log/secure
- - /var/log/maillog
- - /var/log/cron
- - /var/log/spooler
- - /var/log/boot.log
+ workdirectory: /var/lib/rsyslog
+ output:
+ file:
+ /var/log/messages:
+ sync: true
+ filter: "*.info;mail.none;authpriv.none;cron.none"
+ owner: root
+ group: root
+ createmode: "0600"
+ umask: "0000"
+ enable: true
+ /var/log/secure:
+ sync: true
+ filter: "authpriv.*"
+ owner: root
+ group: root
+ createmode: "0600"
+ enable: true
+ /var/log/maillog:
+ sync: true
+ filter: "mail.*"
+ owner: root
+ group: root
+ createmode: "0600"
+ enable: true
+ /var/log/cron:
+ sync: true
+ filter: "cron.*"
+ owner: root
+ group: root
+ createmode: "0600"
+ enable: true
+ /var/log/spooler:
+ sync: true
+ filter: "uucp,news.crit"
+ owner: root
+ group: root
+ createmode: "0600"
+ enable: true
+ /var/log/boot.log:
+ sync: false
+ filter: "local7.*"
+ owner: root
+ group: root
+ createmode: "0600
+ enable: true
{%- endload %}
{%- set server = salt['grains.filter_by'](base_defaults, merge=salt['pillar.get']('rsyslog:server')) %}
{%- set client = salt['grains.filter_by'](base_defaults, merge=salt['pillar.get']('rsyslog:client')) %}