Skip to content

rapid7/le_chef

BranchesTags

Repository files navigation

Logentries_agent Chef Cookbook

Installs/Configures the Logentries agent to allow logging to Logentries

Requirements

Platform:

  • Debian
  • Ubuntu
  • Rhel

Cookbooks:

The following are dependencies of the Logentries cookbook

  • apt
  • yum

Attributes

Default

  • node['le']['account_key'] - your Logentries account_key (this can be found following this link)
  • node['le']['data_bag_name'] - Name of a data bag containing account key.
  • node['le']['data_bag_item_name'] - Name of a data bag item containing account key.
  • node['le']['hostname'] - sets the hostname of the log to the machine name, defaults to node['hostname']
  • node['le']['logs_to_follow'] - An array of logs to follow or an array of hashes
  • node['le']['datahub']['enable'] - To send logs to datahub set this to true. Default is false
  • node['le']['datahub']['server_ip'] - IP of your datahub server
  • node['le']['datahub']['port'] - port datahub is running on, normally port 10000
  • node['le']['pull-server-side-config'] - Specifies whether to make an api call to pull configuration or not, by default this is set to true meaning an api call will be made to logentries.com. Default is true
  • node['le']['deb'] - the distro of the debian platform , defaults to node['lsb']['codename'].

Notice: If node['le']['account_key'] is empty, then the chef will get account_key from the data bag.

Data bag

Example of a data bag:

{
  "id": "le",
  "account_key": "f8dbebcc-f907-41e1-9089-701134572b36"
}

Example of logs_to_follow

  • caveats - name needs to be unique

Usage

There are 3 main scenarios in which the Logentries Linux Agent can be run.

Default (no datahub and pull configuration from logentries.com)

override['le']['account_key'] = <logentries_account_key>
override['le']['logs_to_follow'] = ['/var/log/syslog']
override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog'}]

This is the normal case where you send the data directly to Logentries and get the configuration for your logs from Logentries as well. To send data to logentries you will have to override node['le']['account_key']

Local configuration only

override['le']['pull-server-side-config'] = false
override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog', :token => '00000000-0000-0000-0000-000000000000'}]

To send data to Logentries without specifying an account key, you can set override['le']['pull-server-side-config'] to false. This will only send the logs specified in the configuration file without contacting Logentries. In this case you have to create the logs in advance and know the tokens as well.

Datahub

override['le']['datahub']['enable'] = true
override['le']['pull-server-side-config'] = false
override['le']['datahub']['server_ip'] = '1.2.3.4'
override['le']['datahub']['port'] = 10000
override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog'}]

This scenario is for datahub users looking to push a config and not need to register to send their logs to their datahub instance.

Usage

Put depends 'yum', and 'apt', in your metadata.rb to gain access to the resources.

Updating the Logentries Agent

Restarting the Chef script will allow the recipe to install any updates to the Logentries agent.

License and Author

Copyright (C) 2015, RevelOps Inc.

License:: All rights reserved

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

20 stars

Watchers

60 watching

Forks

35 forks
Report repository

Releases

4 tags

Packages

No packages published

Contributors 22

+ 8 contributors

Languages