Rsyslog Ansible role

This role manages configuration of rsyslog client and makes sure that it's installed.

Requirements & Dependencies

Ansible

It was tested on the following versions:

• 1.9

Operating systems

Currently the module was only tested on Debian.

Role variables

• rsyslog_conf_file: string, the path to rsyslog.conf
• rsyslog_d_dir: string, where are the config files`
• rsyslog_user: the owner group of rsyslog.conf
• rsyslog_group: the owner user of rsyslog.conf
• rsyslog_remote_loggers: dict of remote centralized logging servers

Optional:

• ca_certificate: string, the root ca certificate to verify server log certificate.

Almost all of them has default values in defaults/main.yml.

Specific variables

Rsyslog support traffic encryption with TLS (SSL). More info

To enable it, ca_certificate must be defined, and ssl must be set to true for hosts to which you want to encrypt traffic.

Example:

  vars:
    ca_certificate: "root-ca.pem"
    rsyslog_remote_loggers:
      syslog-ng1:
        remote_host: "securelogserver.example.com"
        remote_port: "10514"
        ssl: true
        filters:
          - "auth.*"
          - "local6.*"
      syslog-ng2:
        remote_host: "logserver.example.com"
        remote_port: "514"
        ssl: false
        filters:
          - "auth.*"

Contribution

If you find a bug, please open an issue on GitHub.

If you want to hack some features into this role, please open an issue and we will talk about that.

Authors

ansible-rsyslog role was written by:

• Laurent Bernaille | e-mail | Twitter | GitHub
• François Gouteroux | e-mail | Twitter | GitHub