From 2bf9d032a1a83d926c6d5e1d9d9428ba4899c8b2 Mon Sep 17 00:00:00 2001 From: Mark Bonsack Date: Wed, 29 Jan 2020 11:35:49 -0800 Subject: [PATCH 1/3] update context_templates directory * Update `context_templates` to add example extension to allow copying to local mount * No-clobber copy to "non-example" version of context files if they do not exist locally * Make a directory if needed for the disk buffer now that the local mount point is `var` and container doesn't create it for us --- ..._by_source.conf => compliance_meta_by_source.conf.example} | 0 ...ta_by_source.csv => compliance_meta_by_source.csv.example} | 0 .../{splunk_index.csv => splunk_index.csv.example} | 0 ...t_by_source.conf => vendor_product_by_source.conf.example} | 0 ...uct_by_source.csv => vendor_product_by_source.csv.example} | 0 package/sbin/entrypoint.sh | 4 +++- 6 files changed, 3 insertions(+), 1 deletion(-) rename package/etc/context_templates/{compliance_meta_by_source.conf => compliance_meta_by_source.conf.example} (100%) rename package/etc/context_templates/{compliance_meta_by_source.csv => compliance_meta_by_source.csv.example} (100%) rename package/etc/context_templates/{splunk_index.csv => splunk_index.csv.example} (100%) rename package/etc/context_templates/{vendor_product_by_source.conf => vendor_product_by_source.conf.example} (100%) rename package/etc/context_templates/{vendor_product_by_source.csv => vendor_product_by_source.csv.example} (100%) diff --git a/package/etc/context_templates/compliance_meta_by_source.conf b/package/etc/context_templates/compliance_meta_by_source.conf.example similarity index 100% rename from package/etc/context_templates/compliance_meta_by_source.conf rename to package/etc/context_templates/compliance_meta_by_source.conf.example diff --git a/package/etc/context_templates/compliance_meta_by_source.csv b/package/etc/context_templates/compliance_meta_by_source.csv.example similarity index 100% rename from package/etc/context_templates/compliance_meta_by_source.csv rename to package/etc/context_templates/compliance_meta_by_source.csv.example diff --git a/package/etc/context_templates/splunk_index.csv b/package/etc/context_templates/splunk_index.csv.example similarity index 100% rename from package/etc/context_templates/splunk_index.csv rename to package/etc/context_templates/splunk_index.csv.example diff --git a/package/etc/context_templates/vendor_product_by_source.conf b/package/etc/context_templates/vendor_product_by_source.conf.example similarity index 100% rename from package/etc/context_templates/vendor_product_by_source.conf rename to package/etc/context_templates/vendor_product_by_source.conf.example diff --git a/package/etc/context_templates/vendor_product_by_source.csv b/package/etc/context_templates/vendor_product_by_source.csv.example similarity index 100% rename from package/etc/context_templates/vendor_product_by_source.csv rename to package/etc/context_templates/vendor_product_by_source.csv.example diff --git a/package/sbin/entrypoint.sh b/package/sbin/entrypoint.sh index 229a384..8438192 100755 --- a/package/sbin/entrypoint.sh +++ b/package/sbin/entrypoint.sh @@ -15,7 +15,9 @@ gomplate $(find . -name *.tmpl | sed -E 's/^(\/.*\/)*(.*)\..*$/--file=\2.tmpl -- mkdir -p /opt/syslog-ng/etc/conf.d/local/context/ mkdir -p /opt/syslog-ng/etc/conf.d/local/config/ -cp --verbose -n /opt/syslog-ng/etc/context_templates/* /opt/syslog-ng/etc/conf.d/local/context/ +mkdir -p /opt/syslog-ng/var/data/disk-buffer/ +cp --verbose /opt/syslog-ng/etc/context_templates/* /opt/syslog-ng/etc/conf.d/local/context/ +for file in /opt/syslog-ng/etc/conf.d/local/context/*.example ; do cp --verbose -n $file ${file%.example}; done cp --verbose -R /opt/syslog-ng/etc/local_config/* /opt/syslog-ng/etc/conf.d/local/config/ echo syslog-ng checking config From bdf793de0dfd741c86dde0bf206ba9c1648d08bb Mon Sep 17 00:00:00 2001 From: mbonsack Date: Wed, 29 Jan 2020 12:11:29 -0800 Subject: [PATCH 2/3] Update entrypoint.sh --- package/sbin/entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/sbin/entrypoint.sh b/package/sbin/entrypoint.sh index 8438192..7f0b376 100755 --- a/package/sbin/entrypoint.sh +++ b/package/sbin/entrypoint.sh @@ -16,7 +16,7 @@ gomplate $(find . -name *.tmpl | sed -E 's/^(\/.*\/)*(.*)\..*$/--file=\2.tmpl -- mkdir -p /opt/syslog-ng/etc/conf.d/local/context/ mkdir -p /opt/syslog-ng/etc/conf.d/local/config/ mkdir -p /opt/syslog-ng/var/data/disk-buffer/ -cp --verbose /opt/syslog-ng/etc/context_templates/* /opt/syslog-ng/etc/conf.d/local/context/ +cp /opt/syslog-ng/etc/context_templates/* /opt/syslog-ng/etc/conf.d/local/context/ for file in /opt/syslog-ng/etc/conf.d/local/context/*.example ; do cp --verbose -n $file ${file%.example}; done cp --verbose -R /opt/syslog-ng/etc/local_config/* /opt/syslog-ng/etc/conf.d/local/config/ @@ -24,4 +24,4 @@ echo syslog-ng checking config /opt/syslog-ng/sbin/syslog-ng -s >/var/log/syslog-ng.out 2>/var/log/syslog-ng.err echo syslog-ng starting -exec /opt/syslog-ng/sbin/syslog-ng $@ \ No newline at end of file +exec /opt/syslog-ng/sbin/syslog-ng $@ From 849a3b95b04dfaea878e70f332100f6c7cc2aa0d Mon Sep 17 00:00:00 2001 From: Mark Bonsack Date: Thu, 30 Jan 2020 10:26:57 -0800 Subject: [PATCH 3/3] Remove specific disk buffer directory; use defaults * Remove reference to specific disk buffer directory; allow unerlying syslog-ng to use default location for disk buffer files --- package/etc/conf.d/destinations/splunk_hec.conf.tmpl | 1 - package/sbin/entrypoint.sh | 1 - 2 files changed, 2 deletions(-) diff --git a/package/etc/conf.d/destinations/splunk_hec.conf.tmpl b/package/etc/conf.d/destinations/splunk_hec.conf.tmpl index eb19250..68320bc 100644 --- a/package/etc/conf.d/destinations/splunk_hec.conf.tmpl +++ b/package/etc/conf.d/destinations/splunk_hec.conf.tmpl @@ -25,7 +25,6 @@ destination d_hec { reliable(no) {{- end}} disk-buf-size({{conv.ToInt64 (math.Round ( math.Div (getenv "SC4S_DEST_SPLUNK_HEC_DISKBUFF_DISKBUFSIZE" "53687091200") (getenv "SC4S_DEST_SPLUNK_HEC_WORKERS" "10")))}}) - dir("/opt/syslog-ng/var/data/disk-buffer/") ) {{- end}} tls(peer-verify({{- getenv "SC4S_DEST_SPLUNK_HEC_TLS_VERIFY" "yes"}}) diff --git a/package/sbin/entrypoint.sh b/package/sbin/entrypoint.sh index 7f0b376..799b191 100755 --- a/package/sbin/entrypoint.sh +++ b/package/sbin/entrypoint.sh @@ -15,7 +15,6 @@ gomplate $(find . -name *.tmpl | sed -E 's/^(\/.*\/)*(.*)\..*$/--file=\2.tmpl -- mkdir -p /opt/syslog-ng/etc/conf.d/local/context/ mkdir -p /opt/syslog-ng/etc/conf.d/local/config/ -mkdir -p /opt/syslog-ng/var/data/disk-buffer/ cp /opt/syslog-ng/etc/context_templates/* /opt/syslog-ng/etc/conf.d/local/context/ for file in /opt/syslog-ng/etc/conf.d/local/context/*.example ; do cp --verbose -n $file ${file%.example}; done cp --verbose -R /opt/syslog-ng/etc/local_config/* /opt/syslog-ng/etc/conf.d/local/config/