Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

syslog: T6989: convert old configuration format to "advanced" #4305

Open
wants to merge 11 commits into
base: current
Choose a base branch
from
Open

syslog: T6989: convert old configuration format to "advanced" #4305

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
0d2360c
syslog: T6989: remove "file" logging destination
c-po Jan 8, 2025
97559ba
syslog: T6989: remove CLI option for user terminal logging
c-po Jan 8, 2025
41880c3
syslog: T6989: rename "host" to "remote"
c-po Jan 8, 2025
9e435f6
syslog: T6989: convert old configuration format to "advanced"
c-po Jan 13, 2025
771ec81
syslog: T6989: add new source-address CLI option for outgoing connect…
c-po Jan 13, 2025
8256f1a
syslog: T6989: move up "global preserve-fqdn" one level in CLI
c-po Jan 15, 2025
df8bde6
syslog: T6989: move up "global marker" one level in CLI
c-po Jan 15, 2025
956ed56
syslog: T6989: rename "global" to "local"
c-po Jan 15, 2025
e2944c1
syslog: T6989: remove RepeatedMsgReduction configuration option
c-po Jan 15, 2025
1840d1d
syslog: T6989: add possibility to define VRF per remote
c-po Jan 18, 2025
aa08fe2
syslog: T6989: increase local log size form 256KiB -> 1MiB
c-po Jan 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 0 additions & 11 deletions data/templates/rsyslog/override.conf.j2
View file
Open in desktop

This file was deleted.

164 changes: 104 additions & 60 deletions data/templates/rsyslog/rsyslog.conf.j2
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,78 +1,122 @@
### Autogenerated by system_syslog.py ###

{% if global.marker is vyos_defined %}
$ModLoad immark
{% if global.marker.interval is vyos_defined %}
$MarkMessagePeriod {{ global.marker.interval }}
{% endif %}
{% endif %}
{% if global.preserve_fqdn is vyos_defined %}
$PreserveFQDN on
{% endif %}
#### MODULES ####
# Load input modules for local logging and kernel logging

{% if global.local_host_name is vyos_defined %}
$LocalHostName {{ global.local_host_name }}
{% endif %}
# Old-style log file format with low-precision timestamps
# A modern-style logfile format with high-precision timestamps and timezone info
# RSYSLOG_FileFormat
module(load="builtin:omfile" Template="RSYSLOG_TraditionalFileFormat")
module(load="imuxsock") # provides support for local system logging
module(load="imklog") # provides kernel logging support

# We always log to /var/log/messages
$outchannel global,/var/log/messages,262144,/usr/sbin/logrotate {{ logrotate }}
{% if global.facility is vyos_defined %}
{% set tmp = [] %}
{% for facility, facility_options in global.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
{% endfor %}
{{ tmp | join(';') }} :omfile:$global
# Import logs from journald
module(
load="imjournal"
StateFile="/var/spool/rsyslog/imjournal.state" # Persistent state file to track the journal cursor
Ratelimit.Interval="0" # Disable rate limiting (set to "0" for no limit)
RateLimit.Burst="0"
)

###########################
#### GLOBAL DIRECTIVES ####
###########################
# Log specific programs to auth.log, then stop further processing
if (
$programname == "CRON" or
$programname == "sudo" or
$programname == "su"
) then {
action(type="omfile" file="/var/log/auth.log")
stop
}

global(workDirectory="/var/spool/rsyslog")

###############
#### RULES ####
###############

# Send emergency messages to all logged-in users
*.emerg action(type="omusrmsg" users="*")

{% if marker is vyos_defined %}
# Load the immark module for periodic --MARK-- message capability
module(load="immark" interval="{{ marker.interval }}")
{% endif %}
{% if preserve_fqdn is vyos_defined %}
# Preserve the fully qualified domain name (FQDN) in log messages
global(preserveFQDN="on")
{% if preserve_fqdn.host_name is vyos_defined and preserve_fqdn.domain_name is vyos_defined %}
# Set the local hostname for log messages
global(localHostname="{{ preserve_fqdn.host_name }}.{{ preserve_fqdn.domain_name }}")
{% endif %}
{% endif %}

{% if file is vyos_defined %}
# File based configuration section
{% for file_name, file_options in file.items() %}
{% set tmp = [] %}
$outchannel {{ file_name }},/var/log/user/{{ file_name }},{{ file_options.archive.size }},/usr/sbin/logrotate {{ logrotate }}
{% if file_options.facility is vyos_defined %}
{% for facility, facility_options in file_options.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
{% endfor %}
{% endif %}
{{ tmp | join(';') }} :omfile:${{ file }}
{% endfor %}
#### GLOBAL LOGGING ####
{% if local.facility is vyos_defined %}
{% set tmp = [] %}
{% if local.facility is vyos_defined %}
{% for facility, facility_options in local.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
{% endfor %}
if prifilt("{{ tmp | join(',') }}") then {
action(
type="omfile"
file="/var/log/messages"
rotation.sizeLimit="524288" # 512Kib - maximum filesize before rotation
rotation.sizeLimitCommand="/usr/sbin/logrotate {{ logrotate }}"
)
}
{% endif %}
{% endif %}

#### CONSOLE LOGGING ####
{% if console.facility is vyos_defined %}
# Console logging
{% set tmp = [] %}
{% for facility, facility_options in console.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
{% endfor %}
{{ tmp | join(';') }} /dev/console
{% if console.facility is vyos_defined %}
{% for facility, facility_options in console.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
{% endfor %}
if prifilt("{{ tmp | join(',') }}") then {
action(type="omfile" file="/dev/console")
}
{% endif %}
{% endif %}

{% if host is vyos_defined %}
# Remote logging
{% for host_name, host_options in host.items() %}
#### REMOTE LOGGING ####
{% if remote is vyos_defined %}
{% for remote_name, remote_options in remote.items() %}
{% set tmp = [] %}
{% if host_options.facility is vyos_defined %}
{% for facility, facility_options in host_options.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
{% if remote_options.facility is vyos_defined %}
{% for facility, facility_options in remote_options.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') ~ "." ~ facility_options.level.replace('all', 'debug')) %}
{% endfor %}
{% endif %}
{% if host_options.protocol is vyos_defined('tcp') %}
{{ tmp | join(';') }} @@{{ '(o)' if host_options.format.octet_counted is vyos_defined }}{{ host_name | bracketize_ipv6 }}:{{ host_options.port }}{{ ';RSYSLOG_SyslogProtocol23Format' if host_options.format.include_timezone is vyos_defined }}
{% else %}
{{ tmp | join(';') }} @{{ host_name | bracketize_ipv6 }}:{{ host_options.port }}{{ ';RSYSLOG_SyslogProtocol23Format' if host_options.format.include_timezone is vyos_defined }}
{% set _ = tmp.sort() %}
# Remote syslog to {{ remote_name }}
if prifilt("{{ tmp | join(',') }}") then {
action(
type="omfwd"
# Remote syslog server where we send our logs to
target="{{ remote_name | bracketize_ipv6 }}"
# Port on the remote syslog server
port="{{ remote_options.port }}"
protocol="{{ remote_options.protocol }}"
{% if remote_options.format.include_timezone is vyos_defined %}
template="SyslogProtocol23Format"
{% endif %}
TCP_Framing="{{ 'octed-counted' if remote_options.format.octet_counted is vyos_defined else 'traditional' }}"
{% if remote_options.source_address is vyos_defined %}
Address="{{ remote_options.source_address }}"
{% endif %}
{% if remote_options.vrf is vyos_defined %}
Device="{{ remote_options.vrf }}"
{% endif %}
)
}
{% endif %}
{% endfor %}
{% endif %}

{% if user is defined and user is not none %}
# Log to user terminal
{% for username, user_options in user.items() %}
{% set tmp = [] %}
{% if user_options.facility is vyos_defined %}
{% for facility, facility_options in user_options.facility.items() %}
{% set _ = tmp.append(facility.replace('all', '*') + '.' + facility_options.level.replace('all', '*')) %}
{% endfor %}
{% endif %}
{{ tmp | join(';') }} :omusrmsg:{{ username }}
{% endfor %}
{% endif %}
# Include all configuration files in /etc/rsyslog.d/
include(file="/etc/rsyslog.d/*.conf")
1 change: 0 additions & 1 deletion debian/vyos-1x.install
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ etc/netplug
etc/opennhrp
etc/modprobe.d
etc/ppp
etc/rsyslog.conf
etc/securetty
etc/security
etc/skel
Expand Down
2 changes: 1 addition & 1 deletion interface-definitions/include/version/system-version.xml.i
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
<!-- include start from include/version/system-version.xml.i -->
<syntaxVersion component='system' version='28'></syntaxVersion>
<syntaxVersion component='system' version='29'></syntaxVersion>
<!-- include end -->
118 changes: 33 additions & 85 deletions interface-definitions/system_syslog.xml.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,28 +8,17 @@
<priority>400</priority>
</properties>
<children>
<tagNode name="user">
<node name="console">
<properties>
<help>Logging to specific terminal of given user</help>
<completionHelp>
<path>system login user</path>
</completionHelp>
<valueHelp>
<format>txt</format>
<description>Local user account</description>
</valueHelp>
<constraint>
#include <include/constraint/login-username.xml.i>
</constraint>
<constraintErrorMessage>illegal characters in user</constraintErrorMessage>
<help>Log to system console (/dev/console)</help>
</properties>
<children>
#include <include/syslog-facility.xml.i>
</children>
</tagNode>
<tagNode name="host">
</node>
<tagNode name="remote">
<properties>
<help>Logging to remote host</help>
<help>Log to remote host</help>
<constraint>
<validator name="ip-address"/>
<validator name="fqdn"/>
Expand All @@ -49,11 +38,6 @@
</valueHelp>
</properties>
<children>
#include <include/port-number.xml.i>
<leafNode name="port">
<defaultValue>514</defaultValue>
</leafNode>
#include <include/protocol-tcp-udp.xml.i>
#include <include/syslog-facility.xml.i>
<node name="format">
<properties>
Expand All @@ -74,86 +58,50 @@
</leafNode>
</children>
</node>
#include <include/port-number.xml.i>
<leafNode name="port">
<defaultValue>514</defaultValue>
</leafNode>
#include <include/protocol-tcp-udp.xml.i>
#include <include/source-address-ipv4-ipv6.xml.i>
#include <include/interface/vrf.xml.i>
</children>
</tagNode>
<node name="global">
<node name="local">
<properties>
<help>Logging to system standard location</help>
<help>Log to standard system location /var/log/messages</help>
</properties>
<children>
#include <include/syslog-facility.xml.i>
<node name="marker">
<properties>
<help>mark messages sent to syslog</help>
</properties>
<children>
<leafNode name="interval">
<properties>
<help>time interval how often a mark message is being sent in seconds</help>
<constraint>
<validator name="numeric" argument="--positive"/>
</constraint>
</properties>
<defaultValue>1200</defaultValue>
</leafNode>
</children>
</node>
<leafNode name="preserve-fqdn">
<properties>
<help>uses FQDN for logging</help>
<valueless/>
</properties>
</leafNode>
</children>
</node>
<tagNode name="file">
<node name="marker">
<properties>
<help>Logging to a file</help>
<constraint>
<regex>[a-zA-Z0-9\-_.]{1,255}</regex>
</constraint>
<constraintErrorMessage>illegal characters in filename or filename longer than 255 characters</constraintErrorMessage>
<help>Mark messages sent to syslog</help>
</properties>
<children>
<node name="archive">
<leafNode name="interval">
<properties>
<help>Log file size and rotation characteristics</help>
<help>Mark message interval</help>
<valueHelp>
<format>u32:1-65535</format>
<description>Time in seconds</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-86400"/>
</constraint>
<constraintErrorMessage>Port number must be in range 1 to 86400</constraintErrorMessage>
</properties>
<children>
<leafNode name="file">
<properties>
<help>Number of saved files</help>
<constraint>
<regex>[0-9]+</regex>
</constraint>
<constraintErrorMessage>illegal characters in number of files</constraintErrorMessage>
</properties>
<defaultValue>5</defaultValue>
</leafNode>
<leafNode name="size">
<properties>
<help>Size of log files in kbytes</help>
<constraint>
<regex>[0-9]+</regex>
</constraint>
<constraintErrorMessage>illegal characters in size</constraintErrorMessage>
</properties>
<defaultValue>256</defaultValue>
</leafNode>
</children>
</node>
#include <include/syslog-facility.xml.i>
<defaultValue>1200</defaultValue>
</leafNode>
</children>
</tagNode>
<node name="console">
</node>
<leafNode name="preserve-fqdn">
<properties>
<help>logging to serial console</help>
<help>Always include domain portion in hostname</help>
<valueless/>
</properties>
<children>
#include <include/syslog-facility.xml.i>
</children>
</node>
#include <include/interface/vrf.xml.i>
</leafNode>
</children>
</node>
</children>
Expand Down
4 changes: 2 additions & 2 deletions smoketest/config-tests/basic-api-service
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,5 +24,5 @@ set system console device ttyS0 speed '115200'
set system host-name 'vyos'
set system login user vyos authentication encrypted-password '$6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/'
set system login user vyos authentication plaintext-password ''
set system syslog global facility all level 'info'
set system syslog global facility local7 level 'debug'
set system syslog local facility all level 'info'
set system syslog local facility local7 level 'debug'
Loading
Loading