REFERENCE.md

Reference

Table of Contents

Classes

Public Classes

• rsyslog: Meta class to install rsyslog with a basic configuration. You propably want rsyslog::client or rsyslog::server
• rsyslog::client: This class manages rsyslog as client
• rsyslog::database: This class manages rsyslog database connection
• rsyslog::params: Manages default configuration values for this module.
• rsyslog::server: This class manages rsyslog as server

Private Classes

• rsyslog::install: Manages rsyslog packages

Defined types

• rsyslog::imfile: This class manages rsyslog file imports
• rsyslog::snippet: Manage rsyslog configuration snippets

Classes

rsyslog

Meta class to install rsyslog with a basic configuration. You propably want rsyslog::client or rsyslog::server

Examples

Puppet usage

class { 'rsyslog': }

Parameters

The following parameters are available in the rsyslog class:

• rsyslog_package_name
• relp_package_name
• mysql_package_name
• pgsql_package_name
• gnutls_package_name
• package_status
• rsyslog_d
• purge_rsyslog_d
• rsyslog_conf
• rsyslog_conf_template_file
• rsyslog_default
• rsyslog_default_file
• run_user
• run_group
• log_user
• log_group
• log_style
• umask
• perm_file
• perm_dir
• spool_dir
• service_name
• service_hasrestart
• service_hasstatus
• modules
• preserve_fqdn
• local_host_name
• max_message_size
• system_log_rate_limit_interval
• system_log_rate_limit_burst
• extra_modules
• default_template_customisation
• default_template
• msg_reduction
• non_kernel_facility
• omit_local_logging
• im_journal_ratelimit_interval
• im_journal_statefile
• im_journal_ratelimit_burst
• im_journal_ignore_previous_messages
• rsyslog_conf_mode
• rsyslog_d_mode
• purge_ignore
• usrmsg_users

rsyslog_package_name

Data type: Variant[Boolean[false], String[1]]

rsyslog package name

Default value: $rsyslog::params::rsyslog_package_name

relp_package_name

Data type: Variant[Boolean[false], String[1]]

rsyslog relp package name

Default value: $rsyslog::params::relp_package_name

mysql_package_name

Data type: Variant[Boolean[false], String[1]]

rsyslog mysql package name

Default value: $rsyslog::params::mysql_package_name

pgsql_package_name

Data type: Variant[Boolean[false], String[1]]

rsyslog postgresql package name

Default value: $rsyslog::params::pgsql_package_name

gnutls_package_name

Data type: Variant[Boolean[false], String[1]]

rsyslog gnutls package name

Default value: $rsyslog::params::gnutls_package_name

package_status

Data type: String[1]

Set ensure on package resources

Default value: $rsyslog::params::package_status

rsyslog_d

Data type: Stdlib::Absolutepath

Path of directory containing configuration snippets

Default value: $rsyslog::params::rsyslog_d

purge_rsyslog_d

Data type: Boolean

Whether or not unmanaged files in rsyslog_d dir should be removed

Default value: $rsyslog::params::purge_rsyslog_d

rsyslog_conf

Data type: Stdlib::Absolutepath

Path to rsyslog main configuration file

Default value: $rsyslog::params::rsyslog_conf

rsyslog_conf_template_file

Data type: String[1]

Name of the rsyslog.conf template file to use

Default value: "${module_name}/rsyslog.conf.erb"

rsyslog_default

Data type: Stdlib::Absolutepath

rsyslog default file path

Default value: $rsyslog::params::rsyslog_default

rsyslog_default_file

Data type: String[1]

rsyslog_d file template to use

Default value: $rsyslog::params::default_config_file

run_user

Data type: String[1]

Which user rsyslog should run as

Default value: $rsyslog::params::run_user

run_group

Data type: String[1]

Which group rsyslog should run as

Default value: $rsyslog::params::run_group

log_user

Data type: String[1]

Which user should be used for log files and directories

Default value: $rsyslog::params::log_user

log_group

Data type: String[1]

Which group should be used for log files and directories

Default value: $rsyslog::params::log_group

log_style

Data type: Enum['debian', 'freebsd', 'redhat']

Selects the local log style in use

Default value: $rsyslog::params::log_style

umask

Data type: Optional[Stdlib::Filemode]

The umask parameter allows to specify the rsyslogd processes’ umask

Default value: $rsyslog::params::umask

perm_file

Data type: Stdlib::Filemode

File mode to use when creating new files

Default value: $rsyslog::params::perm_file

perm_dir

Data type: Stdlib::Filemode

Sets the default dirCreateMode to be used for an action if no explicit one is specified.

Default value: $rsyslog::params::perm_dir

spool_dir

Data type: Stdlib::Absolutepath

Sets the directory that rsyslog uses for work files, e.g. imfile state or queue spool files

Default value: $rsyslog::params::spool_dir

service_name

Data type: String[1]

rsyslog service name

Default value: $rsyslog::params::service_name

service_hasrestart

Data type: Boolean

Does the service has a restart option?

Default value: $rsyslog::params::service_hasrestart

service_hasstatus

Data type: Boolean

Does the service has a status option?

Default value: $rsyslog::params::service_hasstatus

modules

Data type: Array[String[1]]

rsyslog modules to load

Default value: $rsyslog::params::modules

preserve_fqdn

Data type: Boolean

Use full name of host even if sender and receiver are in the same domain

Default value: $rsyslog::params::preserve_fqdn

local_host_name

Data type: Optional[String[1]]

Use a custom local host name, instead of clients actual host name

Default value: undef

max_message_size

Data type: String[1]

Allows to specify maximum supported message size (both for sending and receiving)

Default value: $rsyslog::params::max_message_size

system_log_rate_limit_interval

Data type: Variant[String[1], Integer[0]]

Specifies the number of seconds per rate limit interval

Default value: $rsyslog::params::system_log_rate_limit_interval

system_log_rate_limit_burst

Data type: Variant[String[1], Integer[0]]

Specifies the number of messages before limiting begins

Default value: $rsyslog::params::system_log_rate_limit_burst

extra_modules

Data type: Array

Extra rsyslog modules to load

Default value: $rsyslog::params::extra_modules

default_template_customisation

Data type: Optional[String[1]]

If set, this defines the ActionFileDefaultTemplate custom formatting which sets customisations over the default log format for remote and local logging. Must be used with actionfiletemplate to take effect

Default value: $rsyslog::params::default_template_customisation

default_template

Data type: Optional[String[1]]

If set, this defines the ActionFileDefaultTemplate which sets the default logging format for remote and local logging

Default value: $rsyslog::params::default_template

msg_reduction

Data type: Boolean

Reduce repeated messages

Default value: $rsyslog::params::msg_reduction

non_kernel_facility

Data type: Boolean

Permit non-kernel facility messages in the kernel log

Default value: $rsyslog::params::non_kernel_facility

omit_local_logging

Data type: Boolean

Turn off message reception via local log socket

Default value: $rsyslog::params::omit_local_logging

im_journal_ratelimit_interval

Data type: Optional[Variant[String[1], Integer[0]]]

Specifies the interval in seconds onto which rate-limiting is to be applied

Default value: $rsyslog::params::im_journal_ratelimit_interval

im_journal_statefile

Data type: Optional[Variant[Stdlib::Absolutepath, String[1]]]

This is a global setting. It specifies where the state file for persisting journal state is located

Default value: $rsyslog::params::im_journal_statefile

im_journal_ratelimit_burst

Data type: Optional[Variant[String[1], Integer[0]]]

Specifies the maximum number of messages that can be emitted within the ratelimit.interval interval

Default value: $rsyslog::params::im_journal_ratelimit_burst

im_journal_ignore_previous_messages

Data type: Optional[Enum['on', 'off']]

This option specifies whether imjournal should ignore messages currently in journal and read only new messages

Default value: $rsyslog::params::im_journal_ignore_previous_messages

rsyslog_conf_mode

Data type: Optional[Stdlib::Filemode]

Force a specific mode on the main rsyslog.conf file

Default value: undef

rsyslog_d_mode

Data type: Optional[Stdlib::Filemode]

Force a specific mode on the rsyslog.d directory

Default value: undef

purge_ignore

Data type: Optional[Variant[String[1], Array[String[1]]]]

Files to exclude from purging in rsyslog.d directory

Default value: undef

usrmsg_users

Data type: Array[String[1]]

Array of user names that will receive emergency messages when logged

Default value: ['*']

rsyslog::client

This class manages rsyslog as client

Examples

Puppet usage

class { 'rsyslog::client': }

Parameters

The following parameters are available in the rsyslog::client class:

• log_remote
• spool_size
• spool_timeoutenqueue
• remote_type
• remote_forward_format
• log_local
• disable_xconsole
• log_local_custom
• log_auth_local
• listen_localhost
• split_config
• custom_config
• server
• port
• remote_servers
• ssl
• ssl_ca
• ssl_cert
• ssl_key
• ssl_permitted_peer
• ssl_auth_mode
• log_templates
• log_filters
• actionfiletemplate_cust
• actionfiletemplate
• high_precision_timestamps
• imfiles

log_remote

Data type: Boolean

Log remotely

Default value: true

spool_size

Data type: String[1]

Max size for disk queue if remote server fails

Default value: '1g'

spool_timeoutenqueue

Data type: Optional[Integer[0]]

Time to wait before discarding on full spool

Default value: undef

remote_type

Data type: Enum['tcp', 'udp', 'relp']

Which protocol to use for remote logging

Default value: 'tcp'

remote_forward_format

Data type: String[1]

Which forward format for remote servers should be used

Default value: 'RSYSLOG_ForwardFormat'

log_local

Data type: Boolean

Log locally

Default value: false

disable_xconsole

Data type: Boolean

Disable messages to /dev/xconsole

Default value: false

log_local_custom

Data type: Optional[Variant[Array[String[1]], String[1]]]

Define custom local config entries

Default value: undef

log_auth_local

Data type: Boolean

Just log auth facility locally

Default value: false

listen_localhost

Data type: Boolean

Start a UDP listener on 127.0.0.1:514

Default value: false

split_config

Data type: Boolean

Splits the client config into 00_client_config.conf, 50_client_remote.conf and 99_client_local.conf

Default value: false

custom_config

Data type: Optional[String[1]]

Specify your own template to use for client config

Default value: undef

server

Data type: Stdlib::Host

Rsyslog server to log to

Default value: 'log'

port

Data type: Variant[String[1], Stdlib::Port]

Remote server port

Default value: '514'

remote_servers

Data type: Array[Hash]

Array of hashes with remote servers

Default value: []

ssl

Data type: Boolean

Enable SSL support

Default value: false

ssl_ca

Data type: Optional[String[1]]

SSL CA file location

Default value: undef

ssl_cert

Data type: Optional[String[1]]

Path to SSL certificate

Default value: undef

ssl_key

Data type: Optional[String[1]]

Path to SSL private key

Default value: undef

ssl_permitted_peer

Data type: Optional[String[1]]

List of permitted peers

Default value: undef

ssl_auth_mode

Data type: String[1]

SSL auth mode

Default value: 'anon'

log_templates

Data type: Array[Hash]

Array of hashes defining custom logging templates using the $template configuration parameter

Default value: []

log_filters

Data type: Array[Hash]

Array of hashes defining custom logging filters using the if/then configuration parameter

Default value: []

actionfiletemplate_cust

Data type: Optional[String[1]]

If set, this defines the ActionFileDefaultTemplate custom formatting which sets customisations over the default log format for remote and local logging. Must be used with actionfiletemplate to take effect

Default value: undef

actionfiletemplate

Data type: Optional[String[1]]

If set, this defines the ActionFileDefaultTemplate which sets the default logging format for remote and local logging

Default value: undef

high_precision_timestamps

Data type: Boolean

Whether or not to use high precision timestamps

Default value: false

imfiles

Data type: Hash

Specify imfile resources to create

Default value: {}

rsyslog::database

This class manages rsyslog database connection

Examples

Puppet usage

class { 'rsyslog::database':
  backend  => 'mysql',
  server   => 'localhost',
  database => 'mydb',
  username => 'myuser',
  password => 'mypass',
}

Parameters

The following parameters are available in the rsyslog::database class:

• backend
• server
• database
• username
• password

backend

Data type: Enum['mysql', 'pgsql']

The database backend to use.

server

Data type: Stdlib::Host

The database server to use.

database

Data type: String[1]

The database name to use.

username

Data type: String[1]

The database username to use.

password

Data type: Variant[String[1], Sensitive[String[1]]]

The database password to use.

rsyslog::params

Manages default configuration values for this module.

rsyslog::server

This class manages rsyslog as server

Examples

Puppet usage

Default usage:
  class { 'rsyslog::server': }

Create seperate directory per host
  class { 'rsyslog::server':
    custom_config => 'rsyslog/server-hostname.conf.erb'
  }

Parameters

The following parameters are available in the rsyslog::server class:

• enable_tcp
• enable_udp
• enable_relp
• remote_ruleset_tcp
• remote_ruleset_udp
• remote_ruleset_relp
• enable_onefile
• relay_server
• server_dir
• custom_config
• content
• port
• relp_port
• address
• high_precision_timestamps
• ssl
• ssl_ca
• ssl_cert
• ssl_key
• ssl_permitted_peer
• ssl_auth_mode
• log_templates
• log_filters
• actionfiletemplate_cust
• actionfiletemplate
• rotate
• rules

enable_tcp

Data type: Boolean

Enable TCP listener

Default value: true

enable_udp

Data type: Boolean

Enable UDP listener

Default value: true

enable_relp

Data type: Boolean

Enable RELP listener

Default value: true

remote_ruleset_tcp

Data type: Boolean

Whether or not the remote ruleset should be used for TCP listener

Default value: true

remote_ruleset_udp

Data type: Boolean

Whether or not the remote ruleset should be used for UDP listener

Default value: true

remote_ruleset_relp

Data type: Boolean

Whether or not the remote ruleset should be used for RELP listener

Default value: true

enable_onefile

Data type: Boolean

Only one logfile per remote host

Default value: false

relay_server

Data type: Boolean

If the server should be able to relay the received logs to another server. The rsyslog::client must also be set up

Default value: false

server_dir

Data type: Stdlib::Absolutepath

Folder where logs will be stored on the server

Default value: '/srv/log'

custom_config

Data type: Optional[String[1]]

Specify your own template to use for rsyslog.conf

Default value: undef

content

Data type: Optional[String[1]]

Instead of using a template to generate rsyslog.conf, use the specified content

Default value: undef

port

Data type: Variant[String[1], Stdlib::Port]

Port to listen on for messages via TCP and UDP

Default value: '514'

relp_port

Data type: Variant[String[1], Stdlib::Port]

Port to listen on for messages via RELP

Default value: '20514'

address

Data type: String[1]

The IP address to bind to. Applies to UDP listener only

Default value: '*'

high_precision_timestamps

Data type: Boolean

Whether or not to use high precision timestamps

Default value: false

ssl

Data type: Boolean

Enable SSL support

Default value: false

ssl_ca

Data type: Optional[String[1]]

SSL CA file location

Default value: undef

ssl_cert

Data type: Optional[String[1]]

Path to SSL certificate

Default value: undef

ssl_key

Data type: Optional[String[1]]

Path to SSL private key

Default value: undef

ssl_permitted_peer

Data type: Optional[String[1]]

List of permitted peers

Default value: undef

ssl_auth_mode

Data type: String[1]

SSL auth mode

Default value: 'anon'

log_templates

Data type: Array[Hash]

Array of hashes defining custom logging templates using the $template configuration parameter

Default value: []

log_filters

Data type: Array[Hash]

Array of hashes defining custom logging filters using the if/then configuration parameter

Default value: []

actionfiletemplate_cust

Data type: Optional[String[1]]

If set, this defines the ActionFileDefaultTemplate custom formatting which sets customisations over the default log format for remote and local logging. Must be used with actionfiletemplate to take effect

Default value: undef

actionfiletemplate

Data type: Optional[String[1]]

If set, this defines the ActionFileDefaultTemplate which sets the default logging format for remote and local logging

Default value: undef

rotate

Data type: Optional[Enum['year', 'YEAR', 'month', 'MONTH', 'day', 'DAY']]

Enables rotation of logfiles

Default value: undef

rules

Data type: Array[Hash]

Array of hashes for configuring custom rules for the server. If set, this replaces the default rules

Default value: []

Defined types

rsyslog::imfile

This class manages rsyslog file imports

Examples

Puppet usage

rsyslog::imfile { 'my-imfile':
  file_name     => '/some/file',
  file_tag      => 'mytag',
  file_facility => 'local0',
}

Parameters

The following parameters are available in the rsyslog::imfile defined type:

• file_name
• file_tag
• file_facility
• file_readmode
• ensure
• polling_interval
• file_severity
• persist_state_interval
• imfile_template

file_name

Data type: Stdlib::Absolutepath

The file being monitored.

file_tag

Data type: String[1]

The tag to be assigned to messages read from this file.

file_facility

Data type: Stdlib::Syslogfacility

The syslog facility to be assigned to messages read from this file.

file_readmode

Data type: Optional[Integer[0,2]]

This provides support for processing some standard types of multiline messages.

Default value: undef

ensure

Data type: Enum['present', 'absent']

Set ensure on resource

Default value: 'present'

polling_interval

Data type: Integer[0]

This setting specifies how often files are to be polled for new data.

Default value: 10

file_severity

Data type: Variant[Integer[0,23], String[1]]

The syslog severity to be assigned to lines read.

Default value: 'notice'

persist_state_interval

Data type: Integer[0]

Specifies how often the state file shall be written when processing the input file.

Default value: 0

imfile_template

Data type: String[1]

Config file template to use.

Default value: 'rsyslog/imfile.erb'

rsyslog::snippet

Manage rsyslog configuration snippets

Examples

Puppet usage

rsyslog::snippet { 'my-rsyslog-config':
  content => '<Some rsyslog directive>',
}

Parameters

The following parameters are available in the rsyslog::snippet defined type:

• content
• ensure
• file_mode
• source

content

Data type: Optional[String[1]]

The actual content to place in the file

Default value: undef

ensure

Data type: Enum['present', 'file', 'absent']

Set ensure for the resource

Default value: 'present'

file_mode

Data type: Optional[Stdlib::Filemode]

The mode of the file snippet

Default value: undef

source

Data type: Optional[String[1]]

Default value: undef