[Puppet Users] Re: Setting up a syslog-ng server with puppet?

Mon, 22 Sep 2008 13:37:59 -0700 

On 9/22/2008 2:30 PM, Brian Gupta wrote:
> Anyone have any recipes for this? Also logrotate bits would help.

I just leave logrotate on the defaults. But for syslog-ng (edited down 
to the relevant bits):

> node "syslog.cae.tntech.edu" {
>     include baseclass
>     $syslogtype = 'server'
>     include cae-host
> }
> class cae-host {
>     include syslog-ng
> }

All other nodes that include cae-host don't set $syslogtype explicitly, 
so they end up with the default settings suitable for a client.

syslog-ng.pp:

> class syslog-ng {
>   package { syslog-ng: ensure => installed }
>   file { syslog-ngconf:
>     path => $operatingsystem ? {
>       default => "/etc/syslog-ng/syslog-ng.conf"
>     },
>     owner => root, group => root, mode => 644,
>     source => $syslogtype ? {
>         server  => "puppet:///files/apps/syslog-ng/syslog-ng.conf.server",
>         client  => "puppet:///files/apps/syslog-ng/syslog-ng.conf",
>         default => "puppet:///files/apps/syslog-ng/syslog-ng.conf",
>     },
>     require => Package[syslog-ng]
>   }
>   service { syslog-ng:
>     ensure => running,
>     enable => true,
>     subscribe => [Package[syslog-ng], File[syslog-ngconf]]
>   }
>   file { bzipoldlogs:
>     path => $operatingsystem ? {
>       default => "/usr/local/sbin/bzipoldlogs"
>     },
>     owner   => root, group => root, mode => 700,
>     source  => "puppet:///files/apps/syslog-ng/bzipoldlogs",
>     ensure  => $syslogtype ? {
>         server  => present,
>         client  => absent,
>         default => absent
>     },
>     require => Package[syslog-ng]
>   }
>   cron { bzipoldlogs:
>       command => "/usr/local/sbin/bzipoldlogs",
>       user    => root,
>       hour    => 0,
>       minute  => 5,
>       ensure  => $syslogtype ? {
>           server  => present,
>           client  => absent,
>           default => absent
>       }
>   }
>   file { mklogcheckfiles:
>     path => $operatingsystem ? {
>       default => "/usr/local/sbin/mklogcheckfiles"
>     },
>     owner   => root, group => root, mode => 700,
>     source  => "puppet:///files/apps/syslog-ng/mklogcheckfiles",
>     ensure  => $syslogtype ? {
>         server  => present,
>         client  => absent,
>         default => absent
>     },
>     require => Package[syslog-ng]
>   }
>   cron { mklogcheckfiles:
>       command => "/usr/local/sbin/mklogcheckfiles",
>       user    => root,
>       hour    => 0,
>       minute  => 4,
>       ensure  => $syslogtype ? {
>           server  => present,
>           client  => absent,
>           default => absent
>       }
>   }
> }

bzipoldlogs:

> #!/bin/sh
> for name in `find /var/log/HOSTS ! -name "*bz2" -type f ! -path 
> "*/\`/bin/date +%Y/%m/%d\`/*" -print`; do
>     if [ -f ${name}.bz2 ]; then
>         n=1
>         while [ -f ${name}-${n}.bz2 ]; do
>             n=`expr ${n} + 1`
>         done
>         mv ${name} ${name}-${n}
>         bzip2 ${name}-${n}
>     else
>         bzip2 ${name}
>     fi
> done

mklogcheckfiles:

> #!/bin/sh
> LOGCHECKFILE=/etc/logcheck/logcheck.logfiles
> cat > ${LOGCHECKFILE} <<EOF
> # these files will be checked by logcheck
> # This has been tuned towards a default syslog install
> /var/log/syslog
> /var/log/auth.log
> EOF
> ls /var/log/HOSTS/*/`date +"%Y/%m/%d"`/auth-`date +"%Y%m%d"`.log \
>     /var/log/HOSTS/*/`date +"%Y/%m/%d"`/syslog-`date +"%Y%m%d"` >> 
> ${LOGCHECKFILE}

Central server set up along the lines of 
http://www.campin.net/newlogcheck.html -- I did most/all of that 
manually, though.

-- 
Mike Renfro  / R&D Engineer, Center for Manufacturing Research,
931 372-3601 / Tennessee Technological University

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to