diff --git a/CICD/heat/gc_HOT.yaml b/CICD/heat/gc_HOT.yaml index 6137bbedd1c7bae184cf91bee74b0e5e3c77cb8e..9aefd480740a2f200bc30073a12158e8f312274a 100644 --- a/CICD/heat/gc_HOT.yaml +++ b/CICD/heat/gc_HOT.yaml @@ -62,6 +62,11 @@ parameters: type: string label: Resource ID default: 070a32e2-858b-462a-b2b5-b3a92eec2669 + SYSLOGSecGroupID: + type: string + label: Resource ID + default: 1de45b93-e5f6-4838-94f7-fc307752d6cb + resources: @@ -75,9 +80,9 @@ resources: flavor: m3.xsmall image: { get_param: centos_7_image_id } key_name: { get_param: ssh_key } - security_groups: [ { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: MySQLSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: MySQLSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: - ansible_host_groups: [ SQLNodes, NFSNodes, LDAPServer, CentosNodes ] + ansible_host_groups: [ SQLNodes, NFSNodes, LDAPServer, CentosNodes, LogNodes ] ansible_ssh_user: ec2-user project_name: { get_param: project_name } networks: @@ -133,7 +138,7 @@ resources: mynodename: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'mgmt%index%' ]] ssh_key: { get_param: ssh_key } - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: MySQLSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: MySQLSecGroupID }, { get_param: SYSLOGSecGroupID } ] project_name: { get_param: project_name } MgmtNodesU: 
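Review bot: The new `SYSLOGSecGroupID` parameter reuses `label: Resource ID` and has no `description`, so the template does not say what traffic the group allows or which instances need it. A line such as `description: Security group admitting syslog traffic to the log collector` (wording to be checked against the group's actual rules) would make the later `security_groups` additions reviewable. The hard-coded `default` UUID ties the template to one tenancy; this matches the neighbouring parameters, so it is a note rather than a blocker.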
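Review bot: Adding `LogNodes` to `ansible_host_groups` in this hunk puts the central log collector on the instance that already carries `SQLNodes`, `NFSNodes` and `LDAPServer`. Root access gained through any of those services would then also reach the collected audit trail, which weakens its value as evidence. If this stack is more than a CI fixture, a dedicated `LogNodes` instance is the safer layout. Otherwise a comment such as `# log collector shares the SQL/NFS/LDAP host in CI only` would record the trade-off. The resource definition starts above this hunk.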
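Review bot: From the `mgmt%index%` list in this hunk onward, `SYSLOGSecGroupID` is attached to every client class, although only the collector accepts syslog connections; the later hunks for `mgmtU`, `login`, `loginU`, the desktop, compute, GPU and `computerhel` nodes make the same change. Security groups normally govern ingress, so if this group admits port 514 (its rules are not visible in the diff), each client gains an inbound rule it does not need. That includes the `login%index%` nodes, which also carry `PublicSSHSecGroupID`. Consider keeping the group on the `LogNodes` instance only and having its rule name the cluster's own group as the remote source. If the group is attached to clients so that a remote-group rule can match them, a comment saying so next to the parameter would settle the question.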
@@ -150,7 +155,7 @@ resources: mynodename: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'mgmtU%index%' ]] ssh_key: { get_param: ssh_key } - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: MySQLSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: MySQLSecGroupID }, { get_param: SYSLOGSecGroupID } ] project_name: { get_param: project_name } LoginNodesC: @@ -166,7 +171,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'login%index%' ]] - security_groups: [ default, { get_param: PublicSSHSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: PublicSSHSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ LoginNodes, CentosNodes ] ansible_ssh_user: ec2-user @@ -187,7 +192,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'loginU%index%' ]] - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ LoginNodes, UbuntuNodes ] ansible_ssh_user: ubuntu 
@@ -208,7 +213,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'desktopc%index%' ]] - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ DesktopNodes, VisNodes, ComputeNodes, CentosNodes ] ansible_ssh_user: ec2-user @@ -229,7 +234,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'computeU%index%' ]] - security_groups: [ default, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: SSHMonashSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: SSHMonashSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ ComputeNodes, UbuntuNodes ] ansible_ssh_user: ubuntu @@ -250,7 +255,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'computec7%index%' ]] - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ ComputeNodes, CentosNodes ] ansible_ssh_user: ec2-user 
@@ -271,7 +276,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'gpudesktopu%index%' ]] - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ DesktopNodes, GPU, ComputeNodes, VisNodes, UbuntuNodes ] ansible_ssh_user: ubuntu @@ -292,7 +297,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'gpudesktopc%index%' ]] - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ DesktopNodes, GPU, ComputeNodes, K1, VisNodes, CentosNodes ] ansible_ssh_user: ec2-user @@ -313,7 +318,7 @@ resources: key_name: { get_param: ssh_key } name: list_join: [ '-', [ { get_param: "OS::stack_name" }, 'computerhel%index%' ]] - security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID } ] + security_groups: [ default, { get_param: SSHMonashSecGroupID }, { get_param: SlurmSecGroupID }, { get_param: NFSSecGroupID }, { get_param: LDAPSecGroupID }, { get_param: SYSLOGSecGroupID } ] metadata: ansible_host_groups: [ DGXRHELNodes, RedhatNodes ] ansible_ssh_user: cloud-user diff --git a/CICD/plays/computenodes.yml b/CICD/plays/computenodes.yml index a2be4e14db1b02de4ae43e2d8e5424d6eb33673a..e94409a3bafbdd3af9ddba7e8d95a813c3a1676b 100644 --- a/CICD/plays/computenodes.yml +++ b/CICD/plays/computenodes.yml 
@@ -38,6 +38,7 @@ - { role: postfix, tags: [ mail, other ] } - { role: set_semaphore_count, tags: [ semaphore ] } - { role: ldapclient, ssl: false, tags: [ ldapclient ] } + - { role: rsyslog_client, tags: [ syslog ] } - { role: ssh-keepalive, tags: [ ssh ] } - { role: enable_sudo_group, tags: [ authentication ] } diff --git a/CICD/plays/nfssqlnodes.yml b/CICD/plays/nfssqlnodes.yml index e1b66e13a48f8a9a4734dc1128aac45ced1431c2..1bd0ed32c5dedb82347211de949511b7563012dc 100644 --- a/CICD/plays/nfssqlnodes.yml +++ b/CICD/plays/nfssqlnodes.yml @@ -83,3 +83,8 @@ roles: - { role: nfs-server } tags: [ nfs,nfs-server ] + +- hosts: 'LogNodes' + roles: + - { role: etcHosts, tags: [ networking, etcHosts ] } + - { role: rsyslog_server } diff --git a/CICD/vars/vars.yml b/CICD/vars/vars.yml index 8620f51c950e19534b8e44781775641892464047..032abcb7bb4dff8357011c80ebea08842dcea90a 100644 --- a/CICD/vars/vars.yml +++ b/CICD/vars/vars.yml @@ -2,6 +2,7 @@ sudo_group: systems nagios_home: "/var/lib/nagios" nvidia_version: "450.51.06" +syslog_server: "{{ groups['SQLNodes'][0] }}" gpumap: 'K1': 'K1' diff --git a/roles/rsyslog_client/templates/rsyslog.conf.j2 b/roles/rsyslog_client/templates/rsyslog.conf.j2 index ec20e37eed465e52b3c4dbc7053ac2485b3eaeaf..29f2df461eba92703c4268371d303bd735b180fb 100644 --- a/roles/rsyslog_client/templates/rsyslog.conf.j2 +++ b/roles/rsyslog_client/templates/rsyslog.conf.j2 @@ -8,6 +8,7 @@ # The imjournal module bellow is now used as a message source instead of imuxsock. $ModLoad imuxsock # provides support for local system logging (e.g. via logger command) $ModLoad imjournal # provides access to the systemd journal +$ModLoad imfile #$ModLoad imklog # reads kernel messages (the same are read from journald) #$ModLoad immark # provides --MARK-- message capability 
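Review bot: `- { role: rsyslog_server }` in the new `LogNodes` play carries no tags, while the client role added in `computenodes.yml` is tagged `syslog`. A run limited with `--tags syslog` would therefore reconfigure the clients and skip the collector. Suggest `- { role: rsyslog_server, tags: [ syslog ] }`.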
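Review bot: `syslog_server` is resolved from `groups['SQLNodes'][0]`, but the collector role is applied to `hosts: 'LogNodes'` in `nfssqlnodes.yml`. The two coincide only while the first SQL node is also a log node, as in the Heat template in this commit. In any other inventory, clients would forward their audit records to a host that is not running the collector. Suggest `syslog_server: "{{ groups['LogNodes'][0] }}"`.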
@@ -79,7 +80,15 @@ uucp,news.crit /var/log/spooler local7.* /var/log/boot.log & @{{ syslog_server }}:514 - +#https://trello.com/c/w0dBcu2t +#https://www.thegeekdiary.com/how-to-send-audit-logs-to-remote-rsyslog-server-in-centos-rhel-67/ +$InputFileName /var/log/audit/audit.log +$InputFileTag tag_audit_log: +$InputFileStateFile audit_log +$InputFileSeverity info +$InputFileFacility local6 +$InputRunFileMonitor +*.* @{{ syslog_server }}:514 # ### begin forwarding rule ### # The statement between the begin ... end define a SINGLE forwarding # rule. They belong together, do NOT split them. If you create multiple diff --git a/roles/rsyslog_server/templates/rsyslog.conf.j2 b/roles/rsyslog_server/templates/rsyslog.conf.j2 index 17ee4286fc32f27ebce4d7563a222a26c673f529..9fb00cdf98221a3d5fd41cb8995b5a3ebf8f58b1 100644 --- a/roles/rsyslog_server/templates/rsyslog.conf.j2 +++ b/roles/rsyslog_server/templates/rsyslog.conf.j2 @@ -72,6 +72,8 @@ uucp,news.crit /var/log/spooler # Save boot messages also to boot.log local7.* /var/log/boot.log +$template HostAudit, "/var/log/rsyslog/%HOSTNAME%/audit_log" +local6.* # ### begin forwarding rule ### # The statement between the begin ... end define a SINGLE forwarding
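Review bot: The added `*.* @{{ syslog_server }}:514` forwards with a single `@`, which is UDP, so audit records can be lost without notice and travel in cleartext with no sender authentication. `*.*` also re-sends the `local7` messages already forwarded by the `& @{{ syslog_server }}:514` context line above it. If only the audit file is meant, `local6.* @@{{ syslog_server }}:514` (TCP) is the narrower rule; the collector then needs a TCP listener, which is not visible in this diff, and TLS through rsyslog's `gtls` netstream driver would be the stronger choice for audit data. Because the input is tagged `local6` at severity `info`, any `*.info` file rule elsewhere in this template would presumably also copy audit records into a general log file, which is worth checking.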
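Review bot: `local6.*` is added as a selector with no action, so the `HostAudit` template defined on the line before it is never referenced and the per-host audit files are not written. Suggest `local6.* ?HostAudit`. `%HOSTNAME%` is taken from the message itself, so a sender can choose the directory name. `%FROMHOST-IP%`, or `%HOSTNAME:::secpath-replace%`, keeps the path under the collector's control.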