On 9/22/2008 2:30 PM, Brian Gupta wrote:
> Anyone have any recipes for this? Also logrotate bits would help.
I just leave logrotate on the defaults. But for syslog-ng (edited down
to the relevant bits):
> node "syslog.cae.tntech.edu" {
> include baseclass
> $syslogtype = 'server'
> include cae-host
> }
> class cae-host {
> include syslog-ng
> }
All other nodes that include cae-host don't set $syslogtype explicitly,
so they end up with the default settings suitable for a client.
syslog-ng.pp:
> class syslog-ng {
> package { syslog-ng: ensure => installed }
> file { syslog-ngconf:
> path => $operatingsystem ? {
> default => "/etc/syslog-ng/syslog-ng.conf"
> },
> owner => root, group => root, mode => 644,
> source => $syslogtype ? {
> server => "puppet:///files/apps/syslog-ng/syslog-ng.conf.server",
> client => "puppet:///files/apps/syslog-ng/syslog-ng.conf",
> default => "puppet:///files/apps/syslog-ng/syslog-ng.conf",
> },
> require => Package[syslog-ng]
> }
> service { syslog-ng:
> ensure => running,
> enable => true,
> subscribe => [Package[syslog-ng], File[syslog-ngconf]]
> }
> file { bzipoldlogs:
> path => $operatingsystem ? {
> default => "/usr/local/sbin/bzipoldlogs"
> },
> owner => root, group => root, mode => 700,
> source => "puppet:///files/apps/syslog-ng/bzipoldlogs",
> ensure => $syslogtype ? {
> server => present,
> client => absent,
> default => absent
> },
> require => Package[syslog-ng]
> }
> cron { bzipoldlogs:
> command => "/usr/local/sbin/bzipoldlogs",
> user => root,
> hour => 0,
> minute => 5,
> ensure => $syslogtype ? {
> server => present,
> client => absent,
> default => absent
> }
> }
> file { mklogcheckfiles:
> path => $operatingsystem ? {
> default => "/usr/local/sbin/mklogcheckfiles"
> },
> owner => root, group => root, mode => 700,
> source => "puppet:///files/apps/syslog-ng/mklogcheckfiles",
> ensure => $syslogtype ? {
> server => present,
> client => absent,
> default => absent
> },
> require => Package[syslog-ng]
> }
> cron { mklogcheckfiles:
> command => "/usr/local/sbin/mklogcheckfiles",
> user => root,
> hour => 0,
> minute => 4,
> ensure => $syslogtype ? {
> server => present,
> client => absent,
> default => absent
> }
> }
> }
bzipoldlogs:
> #!/bin/sh
> for name in `find /var/log/HOSTS ! -name "*bz2" -type f ! -path
> "*/\`/bin/date +%Y/%m/%d\`/*" -print`; do
> if [ -f ${name}.bz2 ]; then
> n=1
> while [ -f ${name}-${n}.bz2 ]; do
> n=`expr ${n} + 1`
> done
> mv ${name} ${name}-${n}
> bzip2 ${name}-${n}
> else
> bzip2 ${name}
> fi
> done
mklogcheckfiles:
> #!/bin/sh
> LOGCHECKFILE=/etc/logcheck/logcheck.logfiles
> cat > ${LOGCHECKFILE} <<EOF
> # these files will be checked by logcheck
> # This has been tuned towards a default syslog install
> /var/log/syslog
> /var/log/auth.log
> EOF
> ls /var/log/HOSTS/*/`date +"%Y/%m/%d"`/auth-`date +"%Y%m%d"`.log \
> /var/log/HOSTS/*/`date +"%Y/%m/%d"`/syslog-`date +"%Y%m%d"` >>
> ${LOGCHECKFILE}
Central server set up along the lines of
http://www.campin.net/newlogcheck.html -- I did most/all of that
manually, though.
--
Mike Renfro / R&D Engineer, Center for Manufacturing Research,
931 372-3601 / Tennessee Technological University
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en
-~----------~----~----~----~------~----~------~--~---
