StackStorm · jfryman · Aug 22, 2015 · Aug 22, 2015 · Aug 22, 2015 · Aug 22, 2015
diff --git a/files/etc/rsyslog.d/10-st2.conf b/files/etc/rsyslog.d/10-st2.conf
@@ -0,0 +1,19 @@
+# st2 Syslog filters
+
+# all logs
+if $programname contains "st2actions" then /var/log/st2/st2actions.log
+if $programname contains "st2notifier" then /var/log/st2/st2notifier.log
+if $programname contains "st2resultstracker" then /var/log/st2/st2resultstracker.log
+if $programname contains "st2rulesengine" then /var/log/st2/st2rulesengine.log
+if $programname contains "st2sensorcontainer" then /var/log/st2/st2sensorcontainer.log
+if $programname contains "st2api" then /var/log/st2/st2api.log
+if $programname contains "st2auth" then /var/log/st2/st2auth.log
+
+# audit logs
+if $programname contains "st2actions" and $msg contains "AUDIT" then /var/log/st2/st2actions.audit.log
+if $programname contains "st2notifier" and $msg contains "AUDIT" then /var/log/st2/st2notifier.audit.log
+if $programname contains "st2resultstracker" and $msg contains "AUDIT" then /var/log/st2/st2resultstracker.audit.log
+if $programname contains "st2rulesengine" and $msg contains "AUDIT" then /var/log/st2/st2rulesengine.audit.log
+if $programname contains "st2sensorcontainer" and $msg contains "AUDIT" then /var/log/st2/st2sensorcontainer.audit.log
+if $programname contains "st2api" and $msg contains "AUDIT" then /var/log/st2/st2api.audit.log
+if $programname contains "st2auth" and $msg contains "AUDIT" then /var/log/st2/st2auth.audit.log
diff --git a/manifests/init.pp b/manifests/init.pp
@@ -22,6 +22,11 @@
 #  [*cli_auth_url*]       - CLI config - Auth URL
 #  [*workers*]            - Set the number of actionrunner processes to start
 #  [*ng_init*]            - [Experimental] Init scripts for services. Upstart ONLY
+#  [*syslog*]             - Routes all log messages to syslog
+#  [*syslog_host*]        - Syslog host. Default: localhost
+#  [*syslog_protocol*]    - Syslog protocol. Default: udp
+#  [*syslog_port*]        - Syslog port. Default: 514
+#  [*syslog_facility*]    - Syslog facility. Default: local7
 #
 #  Variables can be set in Hiera and take advantage of automatic data bindings:
 #
@@ -50,4 +55,9 @@
   $ng_init            = false,
   $mistral_api_url    = undef,
   $mistral_api_port   = '8989',
+  $syslog             = false,
+  $syslog_host        = 'localhost',
+  $syslog_protocol    = 'udp',
+  $syslog_port        = 514,
+  $syslog_facility    = 'local7',
 ) { }
diff --git a/manifests/logging/rsyslog.pp b/manifests/logging/rsyslog.pp
@@ -0,0 +1,26 @@
+# Class: st2::logging::rsyslog
+#
+#  Helper class to route syslog messages when using rsyslog
+#
+# Description
+#
+#  This class bootstraps a system configured with rsyslog
+#  and st2::syslog enabled to route messages to all the right
+#  places.
+#
+# Parameters
+#
+#  This class contains no parameters
+#
+# Usage
+#
+#  include ::st2::logging::rsyslog
+class st2::logging::rsyslog {
+  file { '/etc/rsyslog.d/10-st2.conf':
+    ensure => file,
+    owner  => 'root',
+    group  => 'root',
+    mode   => '0640',
+    source => 'puppet:///modules/st2/etc/rsyslog.d/10-st2.conf',
+  }
+}
diff --git a/manifests/profile/server.pp b/manifests/profile/server.pp
@@ -4,23 +4,28 @@
 #
 # === Parameters
 #
-#  [*version*] - Version of StackStorm to install
-#  [*revision*] - Revision of StackStorm to install
-#  [*auth*] - Toggle Auth
-#  [*workers*] - Set the number of actionrunner processes to start
-#  [*st2api_listen_ip*] - Listen IP for st2api process
-#  [*st2api_listen_port*] - Listen port for st2api process
-#  [*st2auth_listen_ip*] - Listen IP for st2auth process
-#  [*st2auth_listen_port*] - Listen port for st2auth process
-#  [*manage_st2api_service*] - Toggle whether this module creates an init script for st2api.
-#                              If you disable this, it is your responsibility to create a service
-#                              named `st2api` for `st2ctl` to continue to work.
+#  [*version*]                - Version of StackStorm to install
+#  [*revision*]               - Revision of StackStorm to install
+#  [*auth*]                   - Toggle Auth
+#  [*workers*]                - Set the number of actionrunner processes to start
+#  [*st2api_listen_ip*]       - Listen IP for st2api process
+#  [*st2api_listen_port*]     - Listen port for st2api process
+#  [*st2auth_listen_ip*]      - Listen IP for st2auth process
+#  [*st2auth_listen_port*]    - Listen port for st2auth process
+#  [*manage_st2api_service*]  - Toggle whether this module creates an init script for st2api.
+#                               If you disable this, it is your responsibility to create a service
+#                               named `st2api` for `st2ctl` to continue to work.
 #  [*manage_st2auth_service*] - Toggle whether this module creates an init script for st2auth.
-#                              If you disable this, it is your responsibility to create a service
-#                              named `st2auth` for `st2ctl` to continue to work.
-#  [*manage_st2web_service*] - Toggle whether this module creates an init script for st2web.
-#                              If you disable this, it is your responsibility to create a service
-#                              named `st2web` for `st2ctl` to continue to work.
+#                               If you disable this, it is your responsibility to create a service
+#                               named `st2auth` for `st2ctl` to continue to work.
+#  [*manage_st2web_service*]  - Toggle whether this module creates an init script for st2web.
+#                               If you disable this, it is your responsibility to create a service
+#                               named `st2web` for `st2ctl` to continue to work.
+#  [*syslog*]                 - Routes all log messages to syslog
+#  [*syslog_host*]            - Syslog host.
+#  [*syslog_protocol*]        - Syslog protocol.
+#  [*syslog_port*]            - Syslog port.
+#  [*syslog_facility*]        - Syslog facility.
 #
 # === Variables
 #
@@ -40,6 +45,10 @@
   $revision               = $::st2::revision,
   $auth                   = $::st2::auth,
   $workers                = $::st2::workers,
+  $syslog                 = $::st2::syslog,
+  $syslog_host            = $::st2::syslog_host,
+  $syslog_port            = $::st2::syslog_port,
+  $syslog_facility        = $::st2::syslog_facitily,
   $st2api_listen_ip       = '0.0.0.0',
   $st2api_listen_port     = '9101',
   $st2auth_listen_ip      = '0.0.0.0',
@@ -81,6 +90,10 @@
     true    => 'True',
     default => 'False',
   }
+  $_logger_config = $syslog ? {
+    true    => 'syslog',
+    default => 'logging',
+  }
 
   file { $_conf_dir:
     ensure => directory,
@@ -124,60 +137,147 @@
     content => 'st2server_bootstrapped=true',
   }
 
+  ini_setting { 'ssh_key_stanley':
+    ensure  => present,
+    path    => '/etc/st2/st2.conf',
+    section => 'system_user',
+    setting => 'ssh_key_file',
+    value   => '/home/stanley/.ssh/st2_stanley_key',
+  }
+
+  ## ActionRunner settings
+  ini_setting { 'actionrunner_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'actionrunner',
+    setting => 'logging',
+    value   => "/etc/st2actions/${_logger_config}.conf",
+  }
+
+  ## API Settings
   ini_setting { 'api_listen_ip':
     ensure  => present,
     path    => '/etc/st2/st2.conf',
     section => 'api',
     setting => 'host',
     value   => $st2api_listen_ip,
   }
-
   ini_setting { 'api_listen_port':
     ensure  => present,
     path    => '/etc/st2/st2.conf',
     section => 'api',
     setting => 'port',
     value   => $st2api_listen_port,
   }
+  ini_setting { 'api_allow_origin':
+    ensure  => 'present',
+    path    => '/etc/st2/st2.conf',
+    section => 'api',
+    setting => 'allow_origin',
+    value   => '*',
+  }
+  ini_setting { 'api_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'api',
+    setting => 'logging',
+    value   => "/etc/st2api/${_logger_config}.conf",
+  }
 
-  ini_setting { 'auth_listen_ip':
+  ## Authentication Settings
+  ini_setting { 'auth':
     ensure  => present,
     path    => '/etc/st2/st2.conf',
     section => 'auth',
-    setting => 'host',
-    value   => $st2auth_listen_ip,
+    setting => 'enable',
+    value   => $_enable_auth,
   }
-
   ini_setting { 'auth_listen_port':
     ensure  => present,
     path    => '/etc/st2/st2.conf',
     section => 'auth',
     setting => 'port',
     value   => $st2auth_listen_port,
   }
-
-  ini_setting { 'api_allow_origin':
-    ensure  => 'present',
+  ini_setting { 'auth_listen_ip':
+    ensure  => present,
     path    => '/etc/st2/st2.conf',
-    section => 'api',
-    setting => 'allow_origin',
-    value   => '*',
+    section => 'auth',
+    setting => 'host',
+    value   => $st2auth_listen_ip,
+  }
+  ini_setting { 'auth_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'auth',
+    setting => 'logging',
+    value   => "/etc/st2api/${_logger_config}.conf",
   }
 
-  ini_setting { 'ssh_key_stanley':
+  ## Notifier Settings
+  ini_setting { 'notifier_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'notifier',
+    setting => 'logging',
+    value   => "/etc/st2actions/${_logger_config}.notifier.conf",
+  }
+
+  ## Resultstracker Settings
+  ini_setting { 'resultstracker_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'resultstracker',
+    setting => 'logging',
+    value   => "/etc/st2actions/${_logger_config}.resultstracker.conf",
+  }
+
+  ## Rules Engine Settings
+  ini_setting { 'rulesengine_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'rulesengine',
+    setting => 'logging',
+    value   => "/etc/st2reactor/${_logger_config}.rulesengine.conf",
+  }
+
+  ## Sensor container Settings
+  ini_setting { 'sensorcontainer_logging':
+    ensure => present,
+    path   => '/etc/st2/st2.conf',
+    section => 'sensorcontainer',
+    setting => 'logging',
+    value   => "/etc/st2reactor/${_logger_config}.sensorcontainer.conf",
+  }
+
+  ## Syslog Settings
+  ini_setting { 'syslog_host':
     ensure  => present,
     path    => '/etc/st2/st2.conf',
-    section => 'system_user',
-    setting => 'ssh_key_file',
-    value   => '/home/stanley/.ssh/st2_stanley_key',
+    section => 'syslog',
+    setting => 'host',
+    value   => $syslog_host,
   }
-
-  ini_setting { 'auth':
+  ini_setting { 'syslog_protocol':
     ensure  => present,
     path    => '/etc/st2/st2.conf',
-    section => 'auth',
-    setting => 'enable',
-    value   => $_enable_auth,
+    section => 'syslog',
+    setting => 'protocol',
+    value   => $syslog_protocol,
+  }
+  ini_setting { 'syslog_port':
+    ensure  => present,
+    path    => '/etc/st2/st2.conf',
+    section => 'syslog',
+    setting => 'port',
+    value   => $syslog_port,
+  }
+  ini_setting { 'syslog_facility':
+    ensure  => present,
+    path    => '/etc/st2/st2.conf',
+    section => 'syslog',
+    setting => 'facility',
+    value   => $syslog_facility,
   }
 
   if $_ng_init {

diff --git a/metadata.json b/metadata.json
@@ -1,6 +1,6 @@
 {
   "name": "stackstorm-st2",
-  "version": "0.7.0",
+  "version": "0.7.1",
   "author": "stackstorm",
   "summary": "Puppet module to manage/configure StackStorm",
   "license": "Apache 2.0",