rene/ansible-pull
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

corrected rsyslog settings

Browse Source
This commit is contained in:
Rene Mewissen
2025-10-07 19:00:27 +02:00
parent 8bdd951174
commit 6335e200cd
3 changed files with 60 additions and 69 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/bastionhost/tasks/system_setup/auditd_logging.yml
View File

@@ -49,9 +49,6 @@
# Forward all audit logs to a remote server via TLS
# This file is managed by Ansible.
# Define the CA certificate rsyslog should trust
global(DefaultNetstreamDriverCAFile="{{ rsyslog_tls_ca_cert }}")
# Define the forwarding rule
if $programname == 'audisp-syslog' then {
action(type="omfwd"

12
roles/bastionhost/tasks/system_setup/rsyslog_forwarding.yml
View File

@@ -57,15 +57,15 @@
template="gelf"
StreamDriver="gtls"
StreamDriverMode="1"
StreamDriver.AuthMode="x509/name"
StreamDriver.PermittedPeer="{{ log_forwarding_permitted_peer }}"
StreamDriverAuthMode="x509/name"
StreamDriverPermittedPeers="{{ log_forwarding_permitted_peers }}"
)
}
notify: restart rsyslog
when:
- log_forwarding_type == 'gelf'
- log_forwarding_target is defined
- log_forwarding_permitted_peer is defined
- log_forwarding_permitted_peers is defined
- name: Bastionhost | rsyslog forwarding | Configure standard TLS forwarding for SSH logs
ansible.builtin.copy:
@@ -86,12 +86,12 @@
template="RSYSLOG_SyslogProtocol23Format"
StreamDriver="gtls"
StreamDriverMode="1"
StreamDriver.AuthMode="x509/name"
StreamDriver.PermittedPeer="{{ log_forwarding_permitted_peer }}"
StreamDriverAuthMode="x509/name"
StreamDriverPermittedPeer="{{ log_forwarding_permitted_peers }}"
)
}
notify: restart rsyslog
when:
- log_forwarding_target is defined
- log_forwarding_permitted_peer is defined
- log_forwarding_permitted_peers is defined
- log_forwarding_type == 'syslog'