diff --git a/manifests/init.pp b/manifests/init.pp index eec7377..0c7c39f 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -18,7 +18,7 @@ # Enables or disables TLS encryption for shipped log events. # # [*cert_path*] -# Directory to store the Loggly TLS certs in. Normally this would be +# Directory to store the Loggly TLS certs in. Normally this would be # relative to $base_dir. # # === Authors diff --git a/manifests/params.pp b/manifests/params.pp index 86a7329..30bd9a9 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -10,6 +10,13 @@ # class loggly::params { + $rsyslog_action_queue_file_name = "fwdLoggly" + $rsyslog_action_queue_max_disk_space = "1g" + $rsyslog_action_queue_save_on_shutdown = "on" + $rsyslog_action_queue_type = "LinkedList" + $rsyslog_action_resume_retry_count = "-1" + $rsyslog_appname_string = "app-name" + case $operatingsystem { 'RedHat', 'Ubuntu', 'Fedora', 'CentOS', 'Debian': { # base directory for loggly support files diff --git a/manifests/rsyslog.pp b/manifests/rsyslog.pp index e98841c..1c5f9fe 100644 --- a/manifests/rsyslog.pp +++ b/manifests/rsyslog.pp 
@@ -17,17 +17,49 @@ # This module uses configuration from the base Loggly class to set # the certificate path and TLS status. # -# [*cert_dir*] -# The directory to find the Loggly TLS certs in, as set by the base loggly +# [*customer_token*] +# The unique token from the Loggly interface to identify your account +# +# [*cert_path*] +# The path in which to find the Loggly TLS certs, as set by the base loggly # class. # # [*enable_tls*] # Enables or disables TLS encryption for shipped events. # +# [*action_queue_file_name*] +# The $ActionQueueFileName setting +# +# [*action_queue_max_disk_space*] +# The $ActionQueueMaxDiskSpace setting +# +# [*action_queue_save_on_shutdown*] +# The $ActionQueueSaveOnShutdown setting +# +# [*action_queue_type*] +# The $ActionQueueType setting +# +# [*action_resume_retry_count*] +# The $ActionQueueRetryCount setting +# +# [*appname_string*] +# A custom application name property string. The default is "app-name", but +# could be "programname" or "syslogtag" or any other rsyslog property, +# including modifiers like regexp. +# # === Examples # +# = Basic setup +# +# class { 'loggly::rsyslog': +# customer_token => '00000000-0000-0000-0000-000000000000', +# } +# +# = Custom app-name setup (for app names with slashes in them) +# # class { 'loggly::rsyslog': # customer_token => '00000000-0000-0000-0000-000000000000', +# appname_string => 'syslogtag:R,ERE,1,DFLT:(.*)\\[--end' # } # # === Authors 
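Review bot: The new parameter documentation names the wrong directive for `action_resume_retry_count`: the comment says `$ActionQueueRetryCount`, while the template added in this commit writes `$ActionResumeRetryCount`. I would change that line to `# The $ActionResumeRetryCount setting (-1 retries indefinitely)`. The `[*customer_token*]` entry could also say that the token is embedded in the rendered rsyslog configuration, so readers treat it as a credential, e.g. `# The unique token from the Loggly interface to identify your account; it is written into /etc/rsyslog.d/22-loggly.conf`.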
@@ -35,14 +67,28 @@ # Colin Moller # class loggly::rsyslog ( - $customer_token, - $cert_path = $loggly::_cert_path, - $enable_tls = $loggly::enable_tls, + $customer_token = undef, + $cert_path = $loggly::_cert_path, + $enable_tls = $loggly::enable_tls, + $action_queue_file_name = $loggly::params::rsyslog_action_queue_file_name, + $action_queue_max_disk_space = $loggly::params::rsyslog_action_queue_max_disk_space, + $action_queue_save_on_shutdown = $loggly::params::rsyslog_action_queue_save_on_shutdown, + $action_queue_type = $loggly::params::rsyslog_action_queue_type, + $action_resume_retry_count = $loggly::params::rsyslog_action_resume_retry_count, + $appname_string = $loggly::params::rsyslog_appname_string ) inherits loggly { validate_string($customer_token) validate_absolute_path($cert_path) validate_bool($enable_tls) + validate_string($appname_string) + + # Use different config format if rsyslog version > 5$ActionQueueFileName fwdLoggly # unique name prefix for spool files + if (versioncmp($::syslog_version, '5') > 0) { + $template_file = "loggly.conf.erb" + } else { + $template_file = "loggly_pre7.conf.erb" + } # Emit a configuration snippet that submits events to Loggly by default file { '/etc/rsyslog.d/22-loggly.conf': @@ -50,7 +96,7 @@ owner => 'root', group => 'root', mode => '0644', - content => template("${module_name}/rsyslog/22-loggly.conf.erb"), + content => template("${module_name}/rsyslog/${template_file}"), notify => Exec['restart_rsyslogd'], } @@ -76,6 +122,7 @@ command => 'service rsyslog restart', path => [ '/usr/sbin', '/sbin', '/usr/bin/', '/bin', ], refreshonly => true, + subscribe => File["${loggly::_cert_path}/loggly_full.crt"] } } diff --git a/manifests/syslog_ng.pp b/manifests/syslog_ng.pp index 8c7db47..8c32e96 100644 --- a/manifests/syslog_ng.pp +++ b/manifests/syslog_ng.pp 
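Review bot: The version test `versioncmp($::syslog_version, '5') > 0` is true for any 5.x release such as 5.8.10, so those hosts get `loggly.conf.erb` with its `template(...)` and `action(...)` objects, although the fallback is named `loggly_pre7.conf.erb`. If rsyslog 5.x cannot parse that syntax, forwarding to Loggly stops on those hosts. Assuming the intended cut-over is version 7, the condition should be `if (versioncmp($::syslog_version, '7') >= 0) {`. The comment above it also appears to have picked up pasted text (`5$ActionQueueFileName fwdLoggly # unique name prefix for spool files`) and could read `# Use the newer config format when rsyslog is version 7 or later`. Separately, `$customer_token = undef` with only `validate_string` may let a catalog compile without a token on Puppet versions that pass undef as an empty string, and of the new parameters only `$appname_string` is validated.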
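Review bot: The rendered `/etc/rsyslog.d/22-loggly.conf` stays at `mode => '0644'` in the `@@ -50,7 +96,7 @@` hunk although both templates embed `$customer_token`, so any local account can read the token and submit events under this Loggly account. Consider `mode => '0640',` (or `'0600'`) if rsyslog on the supported platforms reads its configuration as root or through the file's group. The spec contexts that assert `'mode' => '0644'` would need to change with it. The `file` resource begins and ends outside this hunk.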
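Review bot: In the `@@ -76,6 +122,7 @@` hunk the added `subscribe => File["${loggly::_cert_path}/loggly_full.crt"]` watches the base class's `$loggly::_cert_path`, while the template writes this class's `$cert_path` into `$DefaultNetstreamDriverCAFile`. If a caller overrides `cert_path`, the restart is tied to a different file than the one rsyslog loads. The subscription is also added regardless of `$enable_tls`; the base class is not visible here, but if it only declares the certificate file when TLS is on, the reference would point at a resource missing from the catalog. I would either document that `cert_path` must equal `$loggly::_cert_path` or add the subscription only when `$enable_tls` is true, and end the line with a trailing comma. The same line is added to the `exec` in manifests/syslog_ng.pp at `@@ -110,6 +110,7 @@`.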
@@ -69,7 +69,7 @@ case $::operatingsystem { centos, redhat: { # On CentOS/Red Hat, the default syslog-ng configuration does not - # include a configuration snippet directory, so we ensure it is + # include a configuration snippet directory, so we ensure it is # present file_line { 'snippet_dir': ensure => present, @@ -90,7 +90,7 @@ } # Emit a configuration snippet that submits events to Loggly by default - # This template uses $enable_tls, $customer_token, and $cert_path + # This template uses $enable_tls, $customer_token, and $cert_path file { '/etc/syslog-ng/conf.d/22-loggly.conf': owner => 'root', group => 'root', @@ -101,7 +101,7 @@ } # Call an exec to restart the syslog service instead of using a puppet - # managed service to avoid external dependencies or conflicts with + # managed service to avoid external dependencies or conflicts with # modules that may already manage the syslog daemon. # # Note that this will only be called on configuration changes due to the @@ -110,6 +110,7 @@ command => 'service syslog-ng restart', path => [ '/usr/sbin', '/sbin', '/usr/bin/', '/bin', ], refreshonly => true, + subscribe => File["${loggly::_cert_path}/loggly_full.crt"] } } diff --git a/spec/classes/rsyslog_spec.rb b/spec/classes/rsyslog_spec.rb index 6aacbde..88b4c5b 100644 --- a/spec/classes/rsyslog_spec.rb +++ b/spec/classes/rsyslog_spec.rb @@ -13,7 +13,7 @@ it { should_not compile } end - + context "loggly::rsyslog class with invalid customer_token" do let(:params) {{ :customer_token => [ 'thing1', 'thing2' ], @@ -59,8 +59,8 @@ :customer_token => '0000-0000-0000', :enable_tls => true, }} - - it { + + it { is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( 'ensure' => 'file', 'owner' => 'root', @@ -78,8 +78,8 @@ :customer_token => '0000-0000-0000', :enable_tls => false, }} - - it { + + it { is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( 'ensure' => 'file', 'owner' => 'root', 
@@ -90,6 +90,125 @@ } end end + + context "loggly::rsyslog class with action_queue_file_name" do + let(:params) {{ + :customer_token => '0000-0000-0000', + :action_queue_file_name => 'testFile1' + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /\$ActionQueueFileName testFile1/, + ) + } + end + + context "loggly::rsyslog class with action_queue_max_disk_space" do + let(:params) {{ + :customer_token => '0000-0000-0000', + :action_queue_max_disk_space => '10g' + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /\$ActionQueueMaxDiskSpace 10g/, + ) + } + end + + context "loggly::rsyslog class with action_queue_save_on_shutdown" do + let(:params) {{ + :customer_token => '0000-0000-0000', + :action_queue_save_on_shutdown => 'off' + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /\$ActionQueueSaveOnShutdown off/, + ) + } + end + + context "loggly::rsyslog class with action_queue_type" do + let(:params) {{ + :customer_token => '0000-0000-0000', + :action_queue_type => 'Foo' + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /\$ActionQueueType Foo/, + ) + } + end + + context "loggly::rsyslog class with action_resume_retry_count" do + let(:params) {{ + :customer_token => '0000-0000-0000', + :action_resume_retry_count => '0' + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /\$ActionResumeRetryCount 0/, + ) + } + end + + context 
"loggly::rsyslog class with default appname_string" do + let(:params) {{ + :customer_token => '0000-0000-0000', + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /app\-name/, + ) + } + end + + context "loggly::rsyslog class with custom appname_string" do + let(:params) {{ + :customer_token => '0000-0000-0000', + :appname_string => 'programname' + }} + + it { + is_expected.to contain_file('/etc/rsyslog.d/22-loggly.conf').with( + 'ensure' => 'file', + 'owner' => 'root', + 'group' => 'root', + 'mode' => '0644', + 'content' => /programname/, + ) + } + end + end end end diff --git a/templates/rsyslog/loggly.conf.erb b/templates/rsyslog/loggly.conf.erb new file mode 100644 index 0000000..a6b9241 --- /dev/null +++ b/templates/rsyslog/loggly.conf.erb 
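Review bot: None of the added contexts pins the `syslog_version` fact, so they do not show which of the two templates is rendered, and the `versioncmp` branch in manifests/rsyslog.pp gets no test of its own (facts may be set in an outer `let(:facts)` that this hunk does not show). I would add one context per branch, merging e.g. `:syslog_version => '5.8.10'` and a 7.x or 8.x value into the existing facts, each asserting a line that only that template emits. The `:action_queue_type => 'Foo'` case also pins that arbitrary strings are written into the rsyslog configuration unchecked; if validation is added to the class it should become a `should_not compile` case. Loose patterns such as `/programname/` would be tighter as `/%programname%/`.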
@@ -0,0 +1,36 @@ +# This file is managed by Puppet and local changes +# may be overwritten + +<% if @enable_tls -%> +########################################################## +### TLS RsyslogTemplate for Loggly +########################################################## +<% else -%> +########################################################## +### RsyslogTemplate for Loggly +########################################################## +<% end -%> + +template(name="LogglyFormat" type="string" string="<%%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %<%= @appname_string -%>% %procid% %msgid% [<%= @customer_token -%>@41058 tag=\"RsyslogTLS\"] %msg%\n") + +$ActionQueueFileName <%= @action_queue_file_name %> +$ActionQueueMaxDiskSpace <%= @action_queue_max_disk_space %> +$ActionQueueSaveOnShutdown <%= @action_queue_save_on_shutdown %> +$ActionQueueType <%= @action_queue_type %> +$ActionResumeRetryCount <%= @action_resume_retry_count %> + +<% if @enable_tls -%> +#RsyslogGnuTLS + +$DefaultNetstreamDriverCAFile <%= @cert_path -%>/loggly_full.crt +$ActionSendStreamDriver gtls +$ActionSendStreamDriverMode 1 +$ActionSendStreamDriverAuthMode x509/name +$ActionSendStreamDriverPermittedPeer *.loggly.com + +action (type="omfwd" protocol="tcp" target="logs-01.loggly.com" port="6514" template="LogglyFormat") +<% else -%> +action (type="omfwd" protocol="tcp" target="logs-01.loggly.com" port="514" template="LogglyFormat") +<% end -%> + +#################END CONFIG FILE######################### diff --git a/templates/rsyslog/22-loggly.conf.erb b/templates/rsyslog/loggly_pre7.conf.erb similarity index 73% rename from templates/rsyslog/22-loggly.conf.erb rename to templates/rsyslog/loggly_pre7.conf.erb index c5bc03b..ea05833 100644 --- a/templates/rsyslog/22-loggly.conf.erb +++ b/templates/rsyslog/loggly_pre7.conf.erb 
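Review bot: In the `<% if @enable_tls -%>` branch the TLS settings are legacy `$ActionSendStreamDriver*` directives while the forwarder is a new-style `action (type="omfwd" ...)` object. As far as I know legacy action directives are not applied to `action()` objects, so peer authentication (`x509/name`, `*.loggly.com`), and possibly TLS itself, may not be in effect on the connection to port 6514. The same concern applies to the `$ActionQueue*` and `$ActionResumeRetryCount` lines above it, which would leave the action without the disk-assisted queue. This should be verified on a target rsyslog version and the settings moved onto the action, e.g. `action(type="omfwd" protocol="tcp" target="logs-01.loggly.com" port="6514" template="LogglyFormat" StreamDriver="gtls" StreamDriverMode="1" StreamDriverAuthMode="x509/name" StreamDriverPermittedPeers="*.loggly.com")`, together with the matching `queue.*` and `action.resumeRetryCount` parameters. The structured-data tag is also fixed to `RsyslogTLS` outside the TLS conditional, so events sent in plaintext on port 514 are labelled as TLS.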
@@ -1,10 +1,13 @@ +# This file is managed by Puppet and local changes +# may be overwritten + <% if @enable_tls -%> ########################################################## ### TLS RsyslogTemplate for Loggly ########################################################## -$template LogglyFormat,"<%%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [<%= @customer_token -%>@41058 tag=\"Rsyslog TLS\"] %msg%" +$template LogglyFormat,"<%%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %<%= @appname_string -%>% %procid% %msgid% [<%= @customer_token -%>@41058 tag=\"Rsyslog TLS\"] %msg%" #RsyslogGnuTLS @@ -22,7 +25,7 @@ $ActionSendStreamDriverPermittedPeer *.loggly.com ### TLS RsyslogTemplate for Loggly ########################################################## -$template LogglyFormat,"<%%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [<%= @customer_token -%>@41058] %msg%\n" +$template LogglyFormat,"<%%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %<%= @appname_string -%>% %procid% %msgid% [<%= @customer_token -%>@41058] %msg%\n" *.* @@logs-01.loggly.com:514; LogglyFormat <% end -%>
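Review bot: `<%= @appname_string -%>` and `<%= @customer_token -%>` are written unescaped inside the double-quoted `$template` string, and `validate_string` in manifests/rsyslog.pp only checks the type. A value containing `"`, `%` or a line break would therefore alter the template or add directives to a root-owned rsyslog configuration. The same interpolation appears in the second hunk (`@@ -22,7 +25,7 @@`) and in templates/rsyslog/loggly.conf.erb. I would constrain the values in the class, for example `validate_re($customer_token, '\A[0-9a-fA-F-]+\z')` and `validate_re($appname_string, '\A[^"%\r\n]+\z')`. These use `\A`/`\z` rather than `^`/`$` because the latter match per line and would accept a multi-line value.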