add rsyslog confs

This commit is contained in:
Louis Abel 2023-12-22 14:53:42 -07:00
parent 9241bea415
commit 2c54ce3a69
Signed by: label
GPG key ID: 3331F061D1D9990E
3 changed files with 28 additions and 0 deletions

View file

@ -0,0 +1,11 @@
# Forward logs to a receiver
# classic mode
# *.* {{ remote_rsyslog_host }}
*.* action(type="omfwd"
target="{{ remote_rsyslog_host }}"
port="{{ remote_rsyslog_port|default('514') }}"
protocol="{{ remote_rsyslog_protocol|default('udp') }}"
action.resumeRetryCount="100"
queue.type="LinkedList"
queue.size="1000")

View file

@ -0,0 +1,12 @@
# Receive logs
module(load="imtcp")
input(type="imtcp" port="514")
module(load="imudp")
input(type="imudp" port="514")
$AllowedSender TCP, {{ allowed_rsyslog_clients|join(', ') }}
$template RemoteHostSyslog,"/var/log/remote/%HOSTNAME%-log
$RuleSet remote
*.* -?RemoteHostSyslog
*.info;mail.none;authpriv.none;cron.none ?RemoteHostSyslog

View file

@ -20,4 +20,9 @@ rocky_smtp_tls: "true"
rocky_smtp_openssl_verify_mode: "none" rocky_smtp_openssl_verify_mode: "none"
rocky_smtp_ca_path: "/etc/pki/tls/certs" rocky_smtp_ca_path: "/etc/pki/tls/certs"
rocky_smtp_ca_file: "/etc/pki/tls/certs/ca-bundle.crt" rocky_smtp_ca_file: "/etc/pki/tls/certs/ca-bundle.crt"
allowed_rsyslog_clients:
- 127.0.0.1
- 10.32.0.0/16
- 10.61.0.0/16
remote_rsyslog_host: ""
... ...