Puppet Class: loggly::syslog_ng

Inherits:
loggly
Defined in:
manifests/syslog_ng.pp

Overview

Class: loggly::syslog_ng

Configures the syslog-ng daemon to submit syslog events to Loggly.

Please note that this module will add configuration to the default configuration file for syslog-ng on Red Hat based distributions.

Parameters

customer_token

Customer Token that will be used to identify which Loggly account events will be submitted to.

More information on how to generate and obtain the Customer Token can be found in the Loggly documentation at:

http://www.loggly.com/docs/customer-token-authentication-token/

Variables

This module uses configuration from the base Loggly class to set the certificate path and TLS status.

cert_path

The directory to find the Loggly TLS certs in, as set by the base loggly class.

enable_tls

Enables or disables TLS encryption for shipped events.

Enabled on all distros except CentOS and Red Hat Enterprise Linux as the packages for those distros are not compiled with TLS support by default.

Examples

class { 'loggly::syslog_ng':
  customer_token => '00000000-0000-0000-0000-000000000000',
}

Authors

Colin Moller <colin@unixarmy.com>

Parameters:

  • customer_token (Any)
  • enable_tls (Any) (defaults to: $loggly::enable_tls)
  • cert_path (Any) (defaults to: $loggly::_cert_path) 


43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
 
# File 'manifests/syslog_ng.pp', line 43

class loggly::syslog_ng (
  $customer_token,
  $enable_tls     = $loggly::enable_tls,
  $cert_path      = $loggly::_cert_path,
) inherits loggly {

  validate_string($customer_token)
  validate_bool($enable_tls)
  validate_absolute_path($cert_path)

  # Ensure our configuration snippet directory exists before putting
  # configuration snippets there
  if !defined(File['/etc/syslog-ng/conf.d']){
    file { '/etc/syslog-ng/conf.d':
      ensure => 'directory',
      owner  => 'root',
      group  => 'root',
      mode   => '0755',
    }
  }
  # Ensure we are using the correct source name on each distro
  $syslog_source = $::osfamily ? {
    'RedHat' => 's_sys',
    'Debian' => 's_src',
  }

  case $::operatingsystem {
    centos, redhat: {
      # On CentOS/Red Hat, the default syslog-ng configuration does not
      # include a configuration snippet directory, so we ensure it is 
      # present
      file_line { 'snippet_dir':
        ensure => present,
        path   => '/etc/syslog-ng/syslog-ng.conf',
        line   => '@include "/etc/syslog-ng/conf.d/"',
        before => File['/etc/syslog-ng/conf.d/22-loggly.conf'],
      }

      # Packages available from the EPEL repo for syslog-ng on
      # CentOS/Red Hat are not compiled with TLS support by default
      $_enable_tls   = false
    }

    # Respect the default set in the loggly class on other distros
    default: {
      $_enable_tls   = $enable_tls
    }
  }

  # Emit a configuration snippet that submits events to Loggly by default
  # This template uses $enable_tls, $customer_token, and $cert_path 
  file { '/etc/syslog-ng/conf.d/22-loggly.conf':
    owner   => 'root',
    group   => 'root',
    mode    => '0644',
    content => template("${module_name}/syslog-ng/22-loggly.conf.erb"),
    require => File['/etc/syslog-ng/conf.d'],
    notify  => Exec['restart_syslog_ng'],
  }

  # Call an exec to restart the syslog service instead of using a puppet
  # managed service to avoid external dependencies or conflicts with 
  # modules that may already manage the syslog daemon.
  #
  # Note that this will only be called on configuration changes due to the
  # 'refreshonly' parameter.
  exec { 'restart_syslog_ng':
    command     => 'service syslog-ng restart',
    path        => [ '/usr/sbin', '/sbin', '/usr/bin/', '/bin', ],
    refreshonly => true,
  }
}