Skip to content
Snippets Groups Projects
Normal view Permalink
logging.pp 2.38 KiB
Newer Older
Adam Lewenberg's avatar
work on logging  
Adam Lewenberg committed
1 
class su_ldap::config::logging(
Adam Lewenberg's avatar
more work on logging  
Adam Lewenberg committed
2 3 
  $ldap_log_dir         = '/var/lib/ldap/logs',
  $rotate_logs_into_afs = false,
Adam Lewenberg's avatar
work on logging  
Adam Lewenberg committed
4 
) {
Adam Lewenberg's avatar
more work on logging  
Adam Lewenberg committed
5 6 

  ## LDAP LOGS
Adam Lewenberg's avatar
work on logging  
Adam Lewenberg committed
7 8 9 10 11 12 
  # We put the logs in a special place.
  file { $ldap_log_dir:
    ensure  => directory,
    require => File['/var/lib/ldap'],
  }
Adam Lewenberg's avatar
more work on logging  
Adam Lewenberg committed
13 14 15 16 17 
  file { "${ldap_log_dir}/OLD":
    ensure  => directory,
    require => File[$ldap_log_dir],
  }
Srinivas Rao Puttagunta's avatar
add missing links to ldap logs  
Srinivas Rao Puttagunta committed
18 19 20 21 22 23 24 25 26 27 28 
  # Make a soft link to this ldap log file as well as to the OLD ldap directory.
  file {
    '/var/log/ldap':
      ensure => link,
      target => "${ldap_log_dir}/ldap";
    '/var/log/OLD-ldap':
      ensure  => link,
      target  => "${ldap_log_dir}/OLD",
      require => File["${ldap_log_dir}/OLD"];
  }
Adam Lewenberg's avatar
work on logging  
Adam Lewenberg committed
29 30 31 
  # The LDAP software sends logs to the local4 facility of syslog. We want
  # to use rsyslog to send these local4 syslogs to a file. We assume that
  # the package rsyslog is already installed by another class.
Adam Lewenberg's avatar
more testing  
Adam Lewenberg committed
32 
  # ##require => Package['rsyslog'],
Adam Lewenberg's avatar
work on logging  
Adam Lewenberg committed
33 34 35 36 37 
  file { '/etc/rsyslog.d/50-ldap-remote.conf':
    ensure  => present,
    content => template('su_ldap/etc/rsyslog.d/50-ldap-remote.conf.erb'),
  }
Adam Lewenberg's avatar
more work on logging  
Adam Lewenberg committed
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 
  ## ROTATING LOGS (NEWSYSLOG)

  # A bit nonstandard but used for additional newsyslog rules called
  # as part of cron jobs
  file { '/etc/newsyslog': ensure => directory }

  # The files rotated locally are rotated into $ldap_log_dir/OLD.  We only
  # rotate logs into AFS for production servers: the ldap.erb template
  # will include the configuration to do rotation to AFS based on the
  # value of the $rotate_logs_into_afs parameter.
  file { '/etc/newsyslog.daily/ldap':
    mode    => '0644',
    content => template('s_ldap/etc/newsyslog.daily/ldap.erb'),
    require => Package['newsyslog'];
  }

  # Backup cn=config into AFS.
  file { '/etc/newsyslog.daily/ldap-cn-config':
    mode    => '0644',
    source  => 'puppet:///modules/su_ldap/etc/newsyslog.daily/ldap-cn-config',
    require => Package['newsyslog'];
  }

  ## FILTER-SYSLOG
  # Filter known trivial/non-critical messages out of the logs
  file { '/etc/filter-syslog/ldap':
    mode   => '0644',
    owner  => root,
    group  => root,
    source => 'puppet:///modules/su_ldap/etc/filter-syslog/ldap',
  }
Linda J Laubenheimer's avatar
filter syslog for ldap-cn-config  
Linda J Laubenheimer committed
70 71 72 73 74 75 76 77 78 
  ## FILTER-SYSLOG
  # Filter known trivial/non-critical messages out of the logs
  file { '/etc/filter-syslog/ldap-cn-config':
    mode   => '0644',
    owner  => root,
    group  => root,
    source => 'puppet:///modules/su_ldap/etc/filter-syslog/ldap-cn-config',
  }
Adam Lewenberg's avatar
add empty logging class
Adam Lewenberg committed
79 80 

}