README.md 1.57 KB
Newer Older
nono's avatar
nono committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# Logging-LQDN

Configuration des fichiers de log à travers journald, logrotate et auditd.

Sur chaque machine, on considère trois niveaux de log :

- Les logs du Kernel
- Les logs du système & services de base ( connexion SSH, commandes shell )
- Les logs des applications

Ce rôle se charger de plusieurs choses ;
- Il va configurer chaque service ( JournalD, LogRotate, AuditD ) sur les machines
    - Les logs serons envoyés sur une machine adminitratrice pour l'analyse
    - Ils ne seront gardé qu'un temps donné, et anonymisé selon les besoins
    - Ils aurons une configuration spécifique selon le(s) service(s) en route
nono's avatar
nono committed
16

N07070's avatar
N07070 committed
17
18
19
20

Requirements
------------

nono's avatar
nono committed
21
N/A
N07070's avatar
N07070 committed
22
23
24
25

Role Variables
--------------

nono's avatar
nono committed
26
27
28
29
30
31
32
33
34
35
36
37
### JournalD

### LogRotate / Rsyslog

### AuditD

|   Variable    | Valeur par défaut  | Valeurs possibles| Commentaires  |
|---------------|--------------------|------------------|---------------|  
| retention     | 4 ( semaines )       | -1 =< x < 52     |               |
| admin_server         | exemple.fr | IPv4 or IPv6 |                  |               |
| sysadmin_email | example@example.com | Email |    |

N07070's avatar
N07070 committed
38
39
40
41

Dependencies
------------

nono's avatar
nono committed
42
N/A
N07070's avatar
N07070 committed
43
44
45
46
47
48

Example Playbook
----------------

Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

nono's avatar
nono committed
49
50
51
52
53
    - hosts: admin
      roles:
        - logging-lqdn

    - hosts: server
N07070's avatar
N07070 committed
54
      roles:
nono's avatar
nono committed
55
        - logging-lqdn
N07070's avatar
N07070 committed
56
57
58
59
60
61
62
63
64
65

License
-------

BSD

Author Information
------------------

An optional section for the role authors to include contact information, or a website (HTML is not allowed).