diff options
Diffstat (limited to 'data/templates/rsyslog/rsyslog.conf.j2')
| -rw-r--r-- | data/templates/rsyslog/rsyslog.conf.j2 | 125 |
1 files changed, 100 insertions, 25 deletions
diff --git a/data/templates/rsyslog/rsyslog.conf.j2 b/data/templates/rsyslog/rsyslog.conf.j2 index 2e3d19afd..efb23ca7d 100644 --- a/data/templates/rsyslog/rsyslog.conf.j2 +++ b/data/templates/rsyslog/rsyslog.conf.j2 @@ -1,51 +1,126 @@ ### Autogenerated by system_syslog.py ### +#### MODULES #### +# Load input modules for local logging and kernel logging + +# Old-style log file format with low-precision timestamps +# A modern-style logfile format with high-precision timestamps and timezone info +# RSYSLOG_FileFormat +module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat") +module(load="imuxsock") # provides support for local system logging +module(load="imklog") # provides kernel logging support + +# Import logs from journald +module( + load="imjournal" + StateFile="/var/spool/rsyslog/imjournal.state" # Persistent state file to track the journal cursor + Ratelimit.Interval="0" # Disable rate limiting (set to "0" for no limit) + RateLimit.Burst="0" +) + +#### GLOBAL DIRECTIVES #### +### TODO - remove +# Filter duplicated messages +# https://www.rsyslog.com/doc/configuration/action/rsconf1_repeatedmsgreduction.html +$RepeatedMsgReduction on + +########################################## +#### AUTH.LOG CHANNEL AND LOGGING RULES #### +########################################## + +# Log specific programs to auth.log, then stop further processing +if ( + $programname == "CRON" or + $programname == "sudo" or + $programname == "su" +) then { + action(type="omfile" file="/var/log/auth.log") + stop +} + +global(workDirectory="/var/spool/rsyslog") + +############### +#### RULES #### +############### + +# Send emergency messages to all logged-in users +*.emerg action(type="omusrmsg" users="*") + {% if global.marker is vyos_defined %} -$ModLoad immark -{% if global.marker.interval is vyos_defined %} -$MarkMessagePeriod {{ global.marker.interval }} -{% endif %} +# Load the immark module for periodic --MARK-- message capability +module(load="immark" interval="{{ global.marker.interval }}") {% endif %} {% if global.preserve_fqdn is vyos_defined %} -$PreserveFQDN on +# Preserve the fully qualified domain name (FQDN) in log messages +global(preserveFQDN="on") {% endif %} - {% if global.local_host_name is vyos_defined %} -$LocalHostName {{ global.local_host_name }} +# Set the local hostname for log messages +global(localHostname="{{ global.local_host_name }}") {% endif %} -# We always log to /var/log/messages -$outchannel global,/var/log/messages,262144,/usr/sbin/logrotate {{ logrotate }} +#### GLOBAL LOGGING #### {% if global.facility is vyos_defined %} {% set tmp = [] %} -{% for facility, facility_options in global.facility.items() %} -{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %} -{% endfor %} -{{ tmp | join(';') }} :omfile:$global +{% if global.facility is vyos_defined %} +{% for facility, facility_options in global.facility.items() %} +{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %} +{% endfor %} +if prifilt("{{ tmp | join(',') }}") then { + action( + type="omfile" + file="/var/log/messages" + queue.size="262144" + rotation.sizeLimitCommand="/usr/sbin/logrotate {{ logrotate }}" + ) +} +{% endif %} {% endif %} +#### CONSOLE LOGGING #### {% if console.facility is vyos_defined %} -# Console logging {% set tmp = [] %} -{% for facility, facility_options in console.facility.items() %} -{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %} -{% endfor %} -{{ tmp | join(';') }} /dev/console +{% if console.facility is vyos_defined %} +{% for facility, facility_options in console.facility.items() %} +{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %} +{% endfor %} +if prifilt("{{ tmp | join(',') }}") then { + action(type="omfile" file="/dev/console") +} +{% endif %} {% endif %} +#### REMOTE LOGGING #### {% if remote is vyos_defined %} -# Remote logging {% for remote_name, remote_options in remote.items() %} {% set tmp = [] %} {% if remote_options.facility is vyos_defined %} {% for facility, facility_options in remote_options.facility.items() %} -{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %} +{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %} {% endfor %} -{% endif %} -{% if remote_options.protocol is vyos_defined('tcp') %} -{{ tmp | join(';') }} @@{{ '(o)' if remote_options.format.octet_counted is vyos_defined }}{{ remote_name | bracketize_ipv6 }}:{{ remote_options.port }}{{ ';RSYSLOG_SyslogProtocol23Format' if remote_options.format.include_timezone is vyos_defined }} -{% else %} -{{ tmp | join(';') }} @{{ remote_name | bracketize_ipv6 }}:{{ remote_options.port }}{{ ';RSYSLOG_SyslogProtocol23Format' if remote_options.format.include_timezone is vyos_defined }} +{% set _ = tmp.sort() %} +# Remote syslog to {{ remote_name }} +if prifilt("{{ tmp | join(',') }}") then { + action( + type="omfwd" + # Remote syslog server where we send our logs to + target="{{ remote_name | bracketize_ipv6 }}" + # Port on the remote syslog server + port="{{ remote_options.port }}" + protocol="{{ remote_options.protocol }}" +{% if remote_options.format.include_timezone is vyos_defined %} + template="SyslogProtocol23Format" +{% endif %} + TCP_Framing="{{ 'octed-counted' if remote_options.format.octet_counted is vyos_defined else 'traditional' }}" +{% if vrf is vyos_defined %} + Device="{{ vrf }}" +{% endif %} + ) +} {% endif %} {% endfor %} {% endif %} + +# Include all configuration files in /etc/rsyslog.d/ +include(file="/etc/rsyslog.d/*.conf") |