Skip to content
Snippets Groups Projects
Commit 441bb173 authored by nimrod's avatar nimrod
Browse files

Syslog forwarding WIP.

parent 8fd46066
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
handlers/main.yml
+ 10
0
View file @ 441bb173
...@@ -3,3 +3,13 @@ ...@@ -3,3 +3,13 @@
- name: Update CA store - name: Update CA store
command: /usr/sbin/update-ca-certificates command: /usr/sbin/update-ca-certificates
- name: Restart rsyslog
service:
name: rsyslog
state: restarted
- name: Restart syslogd
service:
name: syslogd
state: restarted
tasks/syslog_forward.yml
+ 22
1
View file @ 441bb173
...@@ -3,7 +3,28 @@ ...@@ -3,7 +3,28 @@
- name: apt install rsyslog - name: apt install rsyslog
when: ansible_os_family == 'Debian' when: ansible_os_family == 'Debian'
apt: apt:
name: rsyslog name: rsyslog-gnutls
state: present state: present
update_cache: yes update_cache: yes
cache_valid_time: 3600 cache_valid_time: 3600
- name: Configure rsyslog forwarding
when: ansible_os_family == 'Debian'
template:
src: forwarding.conf.j2
dest: /etc/rsyslog.d/forwarding.conf.j2
owner: root
group: root
mode: '0644'
notify:
- Restart rsyslog
- name: Configure syslogd forwarding
when: ansible_os_family == 'OpenBSD'
lineinfile:
dest: /etc/syslog.conf
line: '*.* @tls://{{ syslog_server}}'
regexp: '^*.* @'
state: present
notify:
- Restart syslogd
templates/forwarding.conf.j2 0 → 100644
+ 9
0
View file @ 441bb173
$DefaultNetstreamDriver gtls
$DefaultNetstreamDriverCAFile {{ tls_ca_cert_path }}
$DefaultNetstreamDriverCertFile {{ tls_cert_path }}
$DefaultNetstreamDriverKeyFile {{ tls_key_path }}
$ActionSendStreamDriverAuthMode x509/name
$ActionSendStreamDriverPermittedPeer {{ syslog_server }}
$ActionSendStreamDriverMode 1
*.* @@{{ syslog_server }}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment