[INSTRM-323] update rsyslog-server role to fix massive output to /var/log and add omfile - PFS-JIRA

XML

Word

Printable

Details

Type: Task
Status: Done (View Workflow)
Priority: Normal
Resolution: Done
Component/s: ics_ansible
Labels:
None

Description

current version just sets imtcp/udp and loads logstash output module if configured by parameter, but not disable standard output to /var/log, which will result to write massive outputs to /var/log.

add ruleset to input lines
add ruleset to existing logstash template
add omfile template with dynaFile as template like following

$template omfile-name,"/tmp/%$year%/%$month%%$day%/%hostname%/%syslogfacility-text%.log"
action(type="omfile" dynaFile="omfile-name")

Attachments

Activity

People

Assignee:

Unassigned

Reporter:

shimono

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

10/Apr/18 4:35 PM

Updated:

16/Apr/18 6:21 AM

Resolved:

16/Apr/18 6:21 AM