Can you setup cfengine 3.5 to log all messages to /var/log/cfgengine instead of /var/log/messages?

411 views
Skip to first unread message

jab2805

unread,
Jul 11, 2014, 2:20:55 PM7/11/14
to help-c...@googlegroups.com
Hi All,

Can you setup cfengine 3.5  to log all messages to /var/log/cfgengine instead of /var/log/messages? If you can how is it setup?

Neil Watson

unread,
Jul 14, 2014, 8:52:11 AM7/14/14
to help-c...@googlegroups.com
You can set CFEngine's log facilities, then configure syslog to use a
another file.
https://docs.cfengine.com/docs/3.5/reference-components-cfagent.html#agentfacility

--
Neil H Watson
Compliance reporting with CFEngine Community http://evolvethinking.com/products/delta-reporting/
Simplify CFEngine with EFL http://evolvethinking.com/evolve-thinkings-free-cfengine-library/
VIM and Cfengine https://github.com/neilhwatson/vim_cf3
CFEngine support and training from Evolve Thinking, http://evolvethinking.com

jab2805

unread,
Jul 14, 2014, 12:33:50 PM7/14/14
to help-c...@googlegroups.com


On Friday, July 11, 2014 2:20:55 PM UTC-4, jab2805 wrote:
Hi All,

Can you setup cfengine 3.5  to log all messages to /var/log/cfgengine instead of /var/log/messages? If you can how is it setup?


Thanks Neil for the Help!!

I added the following to my conf:

   1.  To the  "/var/cfengine/masterfiles/controls/cf_agent.cf"

       ** I Added line 27 to the  file. **

[root@lvcf0001 controls]# cat -n cf_agent.cf
     1  ###############################################################################
     2  # This part is for cf-agent
     3  #
     4  # Settings describing the details of the fixed behavioural promises made by
     5  # cf-agent.
     6  ###############################################################################
     7
     8  body agent control
     9
    10  {
    11  # Global default for time that must elapse before promise will be rechecked.
    12  # Don't keep any promises.
    13
    14   any::
    15
    16   # This should normally be set to an interval like 1-5 mins
    17   # We set it to one initially to avoid confusion.
    18
    19    ifelapsed => "1";
    20      # Do not rely on DNS
    21     skipidentify => "true";
    22     editfilesize => "5000000";
    23     # Write to allclasses.txt
    24     allclassesreport => "true";
    25     auditing  => "false";
    26     syslog => "true";
    27     agentfacility => "LOG_LOCAL6";
    28
    29
    30   # Do not send IP/name during server connection if address resolution is broken.
    31   # Comment it out if you do NOT have a problem with DNS
    32
    33    skipidentify => "true";
    34
    35   # Environment variables based on Distro
    36
    37   debian::
    38    environment => {
    39                    "DEBIAN_FRONTEND=noninteractive",
    40  #                  "APT_LISTBUGS_FRONTEND=none",
    41  #                  "APT_LISTCHANGES_FRONTEND=none",
    42                   };
    43
    44  }
[root@lvcf0001 controls]#
 

    2. update syslog.conf file on all systems to:

I updated line 9 and added line 30.  Line 9  stops messages for your facility (my case local6) from being logged to /var/log/messages otherwise you will see messages in both files "/var/log/messages" and "/var/log/cfengine.log".

for line 9 See:
http://scratching.psybermonkey.net/2012/05/scratch-of-day-exclude-logging-to.html

Line 30 just tells syslog the facility.




[root@lvws2208 log]# cat -n /etc/syslog.conf
     1  # Log all kernel messages to the console.
     2  # Logging much else clutters up the screen.
     3  #kern.*                                                 /dev/console
     4
     5  # Log anything (except mail) of level info or higher.
     6  # Don't log private authentication messages!
     7
     8
     9  *.info;mail.none;authpriv.none;cron.none;local6.none            /var/log/messages
    10
    11  # The authpriv file has restricted access.
    12  authpriv.*                                              /var/log/secure
    13
    14  # Log all the mail messages in one place.
    15  mail.*                                                  -/var/log/maillog
    16
    17
    18  # Log cron stuff
    19  cron.*                                                  /var/log/cron
    20
    21  # Everybody gets emergency messages
    22  *.emerg                                                 *
    23
    24  # Save news errors of level crit and higher in a special file.
    25  uucp,news.crit                                          /var/log/spooler
    26
    27  # Save boot messages also to boot.log
    28  local7.*                                                /var/log/boot.log
    29  authpriv.*                                              @loghost.private.linksynergy.com
    30  local6.*                                                /var/log/cfengine.log
[root@lvws2208 log]#


 

Shane McEwan

unread,
Jul 15, 2014, 4:39:59 AM7/15/14
to help-c...@googlegroups.com
CFEngine might have a way of redirecting log output but I simply use
Syslog's ability to write logs to different locations. Ubuntu uses
rsyslog so I have a file called /etc/rsyslog.d/20-cfengine.conf that
contains:

##### Cut Here #####
# Save CFEngine log entries in a separate file
:programname, startswith, "cf3" /var/log/cfengine.log
& ~
##### Cut Here #####

Other implementations of Syslog will require a different configuration
but I'm sure most will have the same capability.

I also have a /etc/logrotate.d/cfengine file to rotate the log each day:

##### Cut Here #####
/var/log/cfengine.log {

daily

missingok

rotate 7

compress

delaycompress

notifempty

create 0640 syslog adm

postrotate

reload rsyslog >/dev/null 2>&1 || true

endscript
}
##### Cut Here #####

And, of course, I use CFEngine to actually install and manage these
files on my systems.

Shane.

jab2805

unread,
Jul 15, 2014, 10:26:13 AM7/15/14
to help-c...@googlegroups.com
 That look a lot cleaner! But i'm running an old syslogd 1.4.1. :-(

 

Reply all
Reply to author
Forward
0 new messages