Puppet Class: profile::logster_alarm

Defined in:
modules/profile/manifests/logster_alarm.pp

Overview



1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# File 'modules/profile/manifests/logster_alarm.pp', line 1

class profile::logster_alarm {

    require_package(['python-yaml',
                    'python-ipaddress'])

    file{ '/etc/logster':
        ensure => 'directory',
        owner  => 'root',
        group  => 'deployment',
        mode   => '0675',
    }

    file{ '/etc/logster/badpass-priv.yaml':
        ensure => 'file',
        owner  => 'root',
        group  => 'deployment',
        mode   => '0675',
    }

    file{ '/etc/logster/csp.yaml':
        ensure => 'file',
        owner  => 'root',
        group  => 'deployment',
        mode   => '0675',
    }

    file{ '/srv/security':
        ensure => 'directory',
        owner  => 'root',
        group  => 'root',
        mode   => '0655',
    }

    file{ '/srv/security/logs':
        ensure => 'directory',
        owner  => 'root',
        group  => 'root',
        mode   => '0655',
    }

    file{ '/srv/security/logs/archive':
        ensure => 'directory',
        owner  => 'root',
        group  => 'root',
        mode   => '0655',
    }

    file{ '/etc/logrotate.d/security-mw':
        source => 'puppet:///modules/profile/logster_alarm/security.logrotate',
        owner  => 'root',
        group  => 'root',
        mode   => '0644',
    }

    file{ '/usr/lib/python2.7/dist-packages/logster/parsers/AlarmCounterLogster.py':
        source => 'puppet:///modules/profile/logster_alarm/AlarmCounterLogster.py',
        owner  => 'root',
        group  => 'root',
        mode   => '0644',
    }

    logster::job{'csp':
        parser          => '--output stdout AlarmCounterLogster',
        logfile         => '/srv/mw-log/csp-report-only.log',
        logster_options => "--parser-option='-a /etc/logster/csp.yaml -s /srv/security/logs/csp-report-only.log -n CSP -e security-admin-feed@lists.wikimedia.org,logsteralarms@wikimedia.org'",
    }

    logster::job{'badpass_priv':
        parser          => '--output stdout AlarmCounterLogster',
        logfile         => '/srv/mw-log/badpass-priv.log',
        logster_options => "--parser-option='-a /etc/logster/badpass-priv.yaml -s /srv/security/logs/badpass-priv.log -n badpass-priv -e security-admin-feed@lists.wikimedia.org,logsteralarms@wikimedia.org -t 2'",
    }

    # TODO: set configurable rate to alarm
    # logster::job{'badpass':
    #    parser          => '--output stdout AlarmCounterLogster',
    #    logfile         => '/srv/mw-log/badpass.log',
    #    logster_options => "--parser-option='-a /etc/logster/badpass -s /srv/security/logs/badpass.log -n badpass -e logsteralarms@wikimedia.org'",
    #}
}