Defined Type: rsyslog::rule::data_source

Defined in:
manifests/rule/data_source.pp

Overview

Add a rule for collecting logs from files on the system

In general, the order will be:

  • Data Source Rules

  • Console Rules

  • Drop Rules

  • Remote Rules

  • Other/Miscellaneous Rules

  • Local Rules

Examples:

Collect Logs From /opt/log/my_app

rsyslog::rule::data_source { 'new_input':
  rule => @(EOM)
    input(type="imfile"
      File="/opt/log/my_app"
      StateFile="my_app"
      Tag="my_app"
      Facility="local6"
      Severity="notice"
    )
    |EOM
}

Parameters:

  • name (String)

    The filename that you will be dropping into place

  • rule (String)

    The Rsyslog EXPRESSION to filter on

See Also:



39
40
41
42
43
44
45
46
47
# File 'manifests/rule/data_source.pp', line 39

define rsyslog::rule::data_source(
  String $rule
) {
  $_safe_name = regsubst($name,'/','__')

  rsyslog::rule { "05_simp_data_sources/${_safe_name}.conf":
    content => inline_template('<%= @rule.split("\n").collect{ |x| x.sub(/^\s+/,"") }.join("\n") %>')
  }
}