Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Initial commit of graylog2 module.

  • Loading branch information...
commit e0ab2c7b352e19f8ff6dc313e15f4716d6f31bd2 1 parent 7ad8d45
Peter Drake authored
View
12 Modulefile
@@ -0,0 +1,12 @@
+name 'puppet-graylog2'
+version '0.0.1'
+author 'pdrakeweb'
+license 'GPL'
+summary 'Install graylog2 web interface and server.'
+description 'Install graylog2 web interface and server.'
+project_page 'https://github.com/pdrakeweb/puppet-graylog2'
+
+# Depends on a module called apache which installs apache2
+# dependency 'apache', '>= 1.2.0'
+# dependency 'apt', '>= 0.0.1'
+
View
15 README
@@ -0,0 +1,15 @@
+graylog2
+
+This is the graylog2 module.
+
+In order to install graylog2, the following files should be downloaded and places in the files directory:
+ 1. graylog2-server: https://github.com/Graylog2/graylog2-server/downloads (copy to modules/graylog2/files/graylog2-server-${glVersion}.tar.gz)
+ 2. graylog2-web-interface: https://github.com/Graylog2/graylog2-web-interface/downloads (copy to modules/graylog2/files/graylog2-web-interface-${glVersion}.tar.gz)
+
+Call graylog2 like:
+
+class role_prod_graylogserver {
+ class { graylog2: glVersion => "0.9.6" }
+ include graylog2::server
+ include graylog2::web
+}
View
7 lib/facter/gem_bin_path.rb
@@ -0,0 +1,7 @@
+# gem_bin_path.rb
+
+Facter.add("gem_bin_path") do
+ setcode do
+ Facter::Util::Resolution.exec('ruby -r rubygems -e "puts Gem.path.collect{ |value| value + \'/bin\'}.join(\':\')"').chomp
+ end
+end
View
36 manifests/init.pp
@@ -0,0 +1,36 @@
+# Class: graylog2
+#
+# This module manages graylog2
+#
+# Parameters:
+# glVersion - the version of graylog2 being installed (eg. 0.9.6)
+# glBasePath - the location to which graylog2 is being installed (eg. /var/graylog2)
+#
+# Actions:
+#
+# Requires:
+# java
+#
+# Sample Usage:
+# include graylog2 // note this is useless without including graylog2::server and/or graylog2::web
+#
+# [Remember: No empty lines between comments and class definition]
+class graylog2 ( $glVersion = "0.9.6", $glBasePath = "/var/graylog2") {
+
+ include java
+
+ file { "${glBasePath}":
+ ensure => "directory",
+ owner => "root",
+ group => "root",
+ mode => 755,
+ }
+
+ file { "${glBasePath}/src":
+ ensure => "directory",
+ owner => "root",
+ group => "root",
+ mode => 755,
+ }
+
+}
View
73 manifests/server.pp
@@ -0,0 +1,73 @@
+# Class: graylog2::server
+#
+# This module manages graylog2::server
+#
+# Parameters:
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+# include graylog2::server
+#
+# [Remember: No empty lines between comments and class definition]
+class graylog2::server inherits graylog2 {
+
+ include mongodb
+ include elasticsearch
+
+ file { "${glBasePath}/src/graylog2-server-${glVersion}.tar.gz":
+ owner => root,
+ group => root,
+ mode => 644,
+ source => "puppet:///modules/graylog2/graylog2-server-${glVersion}.tar.gz",
+ }
+
+ exec { "graylog2-server-extract":
+ path => "/bin:/usr/bin:/usr/local/bin",
+ cwd => "${glBasePath}/src",
+ command => "tar -xzf graylog2-server-${glVersion}.tar.gz",
+ require => File["${glBasePath}/src/graylog2-server-${glVersion}.tar.gz"],
+ creates => "${glBasePath}/src/graylog2-server-${glVersion}",
+ }
+
+ file { "${glBasePath}/server":
+ ensure => link,
+ target => "${glBasePath}/src/graylog2-server-${glVersion}",
+ require => Exec["graylog2-server-extract"],
+ }
+
+ file { "/etc/graylog2.conf":
+ content => template("graylog2/graylog2.conf.erb"),
+ owner => root,
+ group => root,
+ mode => 644,
+ notify => Service["graylog2-server"],
+ }
+
+ file { "/etc/init/graylog2-server.conf":
+ content => template("graylog2/graylog2-server.conf.erb"),
+ owner => root,
+ group => root,
+ mode => 644,
+ }
+
+ file { "/etc/cron.d/graylog2-server":
+ content => template("graylog2/graylog2-server.cron.erb"),
+ owner => root,
+ group => root,
+ mode => 644,
+ }
+
+ service { "graylog2-server":
+ ensure => running,
+ hasstatus => false,
+ start => "start graylog2-server",
+ stop => "stop graylog2-server",
+ restart => "restart graylog2-server",
+ require => File["/etc/init/graylog2-server.conf"],
+ provider => "base",
+ }
+
+}
View
103 manifests/web.pp
@@ -0,0 +1,103 @@
+# Class: graylog2::web
+#
+# This module manages graylog2::web
+#
+# Parameters:
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+# include graylog2::web
+#
+# [Remember: No empty lines between comments and class definition]
+class graylog2::web inherits graylog2 {
+
+ include apache
+
+ if !defined(Package["bundler"]) {
+ package { "bundler": ensure => latest, provider => gem }
+ }
+
+ if !defined(Package["libapache2-mod-passenger"]) {
+ package { "libapache2-mod-passenger": ensure => latest, }
+ }
+
+ file { "${glBasePath}/src/graylog2-web-interface-${glVersion}.tar.gz":
+ owner => root,
+ group => root,
+ mode => 644,
+ source => "puppet:///modules/graylog2/graylog2-web-interface-${glVersion}.tar.gz",
+ }
+
+ exec { "graylog2-web-extract":
+ path => "/bin:/usr/bin:/usr/local/bin",
+ cwd => "${glBasePath}/src",
+ command => "tar -xzf graylog2-web-interface-${glVersion}.tar.gz",
+ require => File["${glBasePath}/src/graylog2-web-interface-${glVersion}.tar.gz"],
+ creates => "${glBasePath}/src/graylog2-web-interface-${glVersion}",
+ }
+
+ file { "${glBasePath}/src/graylog2-web-interface-${glVersion}":
+ ensure => directory,
+ owner => www-data,
+ group => www-data,
+ mode => 755,
+ require => Exec["graylog2-web-extract"],
+ }
+
+ file { "${glBasePath}/src/graylog2-web-interface-${glVersion}/log":
+ ensure => directory,
+ owner => www-data,
+ group => www-data,
+ mode => 755,
+ require => File["${glBasePath}/src/graylog2-web-interface-${glVersion}"],
+ }
+
+ file { "${glBasePath}/src/graylog2-web-interface-${glVersion}/log/production.log":
+ owner => www-data,
+ group => www-data,
+ mode => 666,
+ replace => false,
+ content => "# graylog2 web interface log",
+ require => File["${glBasePath}/src/graylog2-web-interface-${glVersion}/log"],
+ }
+
+ file { "${glBasePath}/web":
+ ensure => link,
+ target => "${glBasePath}/src/graylog2-web-interface-${glVersion}",
+ require => Exec["graylog2-web-extract"],
+ }
+
+ exec { "mongoid-downgrade":
+ path => "/bin:/usr/bin:/usr/local/bin",
+ cwd => "${glBasePath}/web",
+ command => "cp Gemfile Gemfile.bak && sed 's/2\.3\.3/2\.2\.5/g' Gemfile.bak > Gemfile",
+ require => File[ "${glBasePath}/web" ],
+ creates => "${glBasePath}/src/graylog2-web-interface-${glVersion}/Gemfile.bak",
+ }
+
+ exec { "graylog2-web-install":
+ path => "/bin:/usr/bin:${gem_bin_path}",
+ cwd => "${glBasePath}/web",
+ command => "bundle install && touch bundle-installed",
+ require => [Package["bundler"], File["${glBasePath}/web"]],
+ creates => "${glBasePath}/web/bundle-installed",
+ }
+
+ file { "/etc/apache2/sites-available/graylog2":
+ content => template("graylog2/apache2-graylog2.erb"),
+ owner => root,
+ group => root,
+ mode => 644,
+ }
+
+ file { "/etc/apache2/sites-enabled/graylog2":
+ ensure => link,
+ target => "/etc/apache2/sites-available/graylog2",
+ require => Exec["graylog2-web-extract"],
+ notify => Exec["reload-apache2"],
+ }
+
+}
View
12 metadata.json
@@ -0,0 +1,12 @@
+/*
++-----------------------------------------------------------------------+
+| |
+| ==> DO NOT EDIT THIS FILE! <== |
+| |
+| You should edit the `Modulefile` and run `puppet-module build` |
+| to generate the `metadata.json` file for your releases. |
+| |
++-----------------------------------------------------------------------+
+*/
+
+{}
View
6 spec/spec.opts
@@ -0,0 +1,6 @@
+--format
+s
+--colour
+--loadby
+mtime
+--backtrace
View
18 spec/spec_helper.rb
@@ -0,0 +1,18 @@
+require 'pathname'
+dir = Pathname.new(__FILE__).parent
+$LOAD_PATH.unshift(dir, dir + 'lib', dir + '../lib')
+
+require 'mocha'
+require 'puppet'
+gem 'rspec', '=1.2.9'
+require 'spec/autorun'
+
+Spec::Runner.configure do |config|
+ config.mock_with :mocha
+end
+
+# We need this because the RAL uses 'should' as a method. This
+# allows us the same behaviour but with a different method name.
+class Object
+ alias :must :should
+end
View
20 templates/apache2-graylog2.erb
@@ -0,0 +1,20 @@
+#
+# Generated by Puppet, DO NOT TOUCH
+#
+Listen 80
+
+<VirtualHost *:80>
+ DocumentRoot <%= glBasePath %>/web/public
+ <Directory <%= glBasePath %>/web/public>
+ Allow from all
+ Options -MultiViews
+ SetEnv MONGOID_HOST localhost
+ SetEnv MONGOID_PORT 27017
+ SetEnv MONGOID_USERNAME
+ SetEnv MONGOID_PASSWORD
+ SetEnv MONGOID_DATABASE graylog2
+ </Directory>
+ ErrorLog /var/log/apache2/error.log
+ LogLevel warn
+ CustomLog /var/log/apache2/access.log combined
+</VirtualHost>
View
15 templates/graylog2-server.conf.erb
@@ -0,0 +1,15 @@
+description "graylog2 server"
+author "Peter J. Drake <pdrake@gmail.com>"
+
+start on runlevel [2345]
+stop on runlevel [06]
+
+# tell upstart we're creating a daemon
+# upstart manages PID creation for you.
+expect fork
+
+script
+ cd <%= glBasePath %>/server
+ exec sudo java -jar graylog2-server.jar &
+ emit graylog2-server_running
+end script
View
4 templates/graylog2-server.cron.erb
@@ -0,0 +1,4 @@
+# /etc/cron.d/graylog2: crontab fragment for graylog2
+
+# Send stream alarms and subscriptions every 15 minutes
+*/15 * * * * root cd <%= glBasePath %>/web && rake streamalarms:send && rake subscriptions:send
View
66 templates/graylog2.conf.erb
@@ -0,0 +1,66 @@
+#
+# Generated by Puppet, DO NOT TOUCH
+#
+# On which port (UDP) should we listen for Syslog messages? (Standard: 514)
+syslog_listen_port = 514
+syslog_protocol = udp
+
+# ElasticSearch URL (default: http://localhost:9200/)
+elasticsearch_url = http://localhost:9200/
+elasticsearch_index_name = graylog2
+
+# Always try a reverse DNS lookup instead of parsing hostname from syslog message?
+force_syslog_rdns = false
+
+# MongoDB Configuration
+mongodb_useauth = false
+mongodb_user = root
+mongodb_password =
+mongodb_host = localhost
+#mongodb_replica_set = localhost:27017,localhost:27018,localhost:27019
+mongodb_database = graylog2
+mongodb_port = 27017
+
+# Graylog2 uses an internal message queue that holds all received messages until they are indexed. The mq_batch_size parameter defines how many messages are sent
+# to ElasticSearch at once (using a _bulk update: http://www.elasticsearch.org/guide/reference/api/bulk.html). The mq_poll_freq parameter controls in which
+# interval (in seconds) the message batch is sent. Example: If you leave the standard values (mq_batch_size = 4000, mq_poll_freq = 1), Graylog2 will index 4000 messages
+# every second. If you have spikes with more than 4000 messages per second, the queue will start growing until you get under 4000 messages/second again. The queue is
+# FIFO and can grow until you run out of RAM. Note that the queue *only* resists in RAM, so if you set the mq_poll_freq to a high value, you may lose a lot of not yet
+# indexed messages when the server crashes. Run the server in debug mode (java -jar graylog2-server.jar --debug) with a |grep '^INFO' to see debug information about
+# the queue and it's size. (INFO : org.graylog2.periodical.BulkIndexerThread - About to index max 4000 messages. You have a total of 103 messages in the queue. [freq:1s])
+# You can also monitor the queue size in your graylog2-web-interface.
+mq_batch_size = 4000
+mq_poll_freq = 1
+
+# You can set a maximum size of the message queue. If this size is reached, all new messages will be rejected until messages are removed/indexed from the queue.
+# 0 = unlimited queue size (default)
+mq_max_size = 0
+
+# Raise this according to the maximum connections your MongoDB server can handle if you encounter MongoDB connection problems.
+mongodb_max_connections = 100
+
+# Number of threads allowed to be blocked by MongoDB connections multiplier. Default: 5
+# If mongodb_max_connections is 100, and mongodb_threads_allowed_to_block_multiplier is 5, then 500 threads can block. More than that and an exception will be thrown.
+# http://api.mongodb.org/java/current/com/mongodb/MongoOptions.html#threadsAllowedToBlockForConnectionMultiplier
+mongodb_threads_allowed_to_block_multiplier = 5
+
+# Graylog Extended Log Format (GELF)
+use_gelf = true
+gelf_listen_address = 0.0.0.0
+gelf_listen_port = 12201
+
+# Drools Rule File (Use to rewrite incoming log messages)
+# rules_file = /etc/graylog2.d/rules/graylog2.drl
+
+# AMQP
+amqp_enabled = false
+amqp_subscribed_queues = somequeue1:gelf,somequeue2:gelf,somequeue3:syslog
+amqp_host = localhost
+amqp_port = 5672
+amqp_username = guest
+amqp_password = guest
+amqp_virtualhost = /
+
+# Forwarders
+# Timeout in seconds for each connection and read of Logg.ly API when forwarding messages. Default: 3
+forwarder_loggly_timeout = 3
View
3  tests/init.pp
@@ -0,0 +1,3 @@
+include graylog2
+include graylog2::server
+include graylog2::web
Please sign in to comment.
Something went wrong with that request. Please try again.