Source logcheck ignore file from outside

2022-12-21 11:28:44 +01:00 · 2022-12-21 11:28:44 +01:00 · 1de4e1ddd1
commit 1de4e1ddd1
parent ac7405204a
3 changed files with 11 additions and 13 deletions
--- a/system/base/logs/files/ignore
+++ b/system/base/logs/files/ignore
@ -1,12 +0,0 @@
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: (Starting|Stopping) [ +[:alnum:]/\-]+\.(\.\.)?$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Cleanup of Temporary Directories|Online ext4 Metadata Check for All Filesystems|Podman auto-update service)\.$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: (apt-daily\.service|apt-daily-upgrade\.service|man-db\.service|sanoid\.service|syncoid-batch\.service): Consumed ([0-9]{1,2}min )?[0-9]{1,2}\.[0-9]{3}s CPU time\.$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: rsyslog\.service: Sent signal SIGHUP to main process [[:digit:]]+ (rsyslogd) on client request\.$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: var-lib-containers-storage-overlay\.mount: Succeeded\.$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ sanoid\[[0-9]+\]: INFO: .*$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ sanoid\[[0-9]+\]: taking snapshot .*$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ syncoid-batch\[[0-9]+\]: INFO: .*$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ syncoid-batch\[[0-9]+\]: NEWEST SNAPSHOT: .*$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ syncoid-batch\[[0-9]+\]: Sending incremental .*$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ systemd\[[0-9]+\]: Finished (Snapshot ZFS filesystems|Prune ZFS snapshots|Replicate snapshots using syncoid)\.$
 ^[[:alpha:]]{3} [ :[:digit:]]{11} [._[:alnum:]\-]+ kernel: \[[0-9]+\.[0-9]+\] audit: type=1326 audit\([.:0-9]+): auid=[0-9]+ uid=[0-9]+ gid=[0-9]+ ses=[0-9]+ subj=unconfined pid=[0-9]+ comm="git-remote-http" exe="/usr/libexec/git-core/git-remote-https" sig=0 arch=c000003e syscall=324 compat=0 ip=[[:alnum:]]+ code=0x50000$
--- a/system/base/logs/meta/argument_specs.yml
+++ b/system/base/logs/meta/argument_specs.yml
@ -0,0 +1,10 @@
 ---
 argument_specs:
  main:
    options:
      ansible_hostname:
        type: "str"
        required: true
      system_base_logs_ignore_file:
        type: "str"
        required: false
--- a/system/base/logs/tasks/main.yml
+++ b/system/base/logs/tasks/main.yml
@ -13,7 +13,7 @@
 - name: "logs : configure logcheck ignores"
  ansible.builtin.copy:
-    src: "./ignore"
+    src: "{{ system_base_logs_ignore_file }}"
    dest: "/etc/logcheck/ignore.d.server/{{ ansible_hostname }}"
    group: "logcheck"
    mode: 0644