Comment by nodesocket 2 days ago

Very nice work. Any way to specify a group of log files in the config that are shared across many hosts? For example:

  log_files:
    mygroup:
      - /var/log/syslog
      - /var/log/foo
      - /var/log/bar
  log_streams:
    myhost-01:
      hostname: actualhost1.com
      port: 1234
      user: myuser
      log_files: mygroup
    myhost-02:
      hostname: actualhost2.com
      port: 7890
      user: myuser
      log_files: mygroup
    myhost-03:
      hostname: actualhost3.com
      port: 8888
      user: myuser
      log_files: mygroup

dimonomid 2 days ago

Thanks. And no, as of today, there's no way to define a group like that. Might be a viable idea though.

However, before we go there, I want to double check that we're on the same page: this `log_files` field specifies only files _in the same logstream_; meaning, these files need to have consecutive logs. So for example, it can be ["/var/log/syslog", "/var/log/syslog.1"], or it can be ["/var/log/auth.log", "/var/log/auth.log.1"], but it can NOT be something like ["/var/log/syslog", "/var/log/auth.log"].

  • mdaniel 2 days ago

    At the very grave risk of scope creep, I'll point out that the GP's YAML is very close to an Ansible inventory file, so rather than just making up a new structure one could leverage any existing muscle memory (and create helpful defaults for folks who have not yet seen Ansible but have seen your tool).

    https://docs.ansible.com/ansible/11/collections/ansible/buil...

    e.g.

      all:
        children:
          mygroup:
            hosts:
              myhost-01:
                hostname: actualhost1.com
                port: 1234
                user: myuser
              myhost-02:
                hostname: actualhost2.com
                port: 7890
                user: myuser
              myhost-03:
                hostname: actualhost3.com
                port: 8888
                user: myuser
            vars:
              files:
              - /var/log/syslog
              - /var/log/foo
              - /var/log/bar
    
    That first "children" key is because in Ansible's world one can have "vars" and "hosts" that exist at the very top, too; the top-level "vars" would propagate down to all hosts, which one can view as "not necessary" in the GP's example, or "useful" if those files are always the same for every single host in the whole collection. Same-same for the "user:" but I wasn't trying to get bogged down in the DRY for this exercise.
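
The variable propagation described in the last comment, as an added example that is not part of the thread and is neither the tool's nor Ansible's own code: a small resolver that flattens an Ansible-style inventory so every host receives its groups' `vars`, with host-level values winning. The name `flatten_inventory`, the top-level `user` var and the per-host `files` override on myhost-03 are assumptions made for illustration.

```python
# Added example: flatten an Ansible-style inventory into per-host settings.
# Precedence modelled: parent group vars < child group vars < host vars.

# Inventory from the comment above, transcribed as a dict. The top-level
# "vars" entry and myhost-03's own "files" value are constructed additions.
INVENTORY = {
    "all": {
        "vars": {"user": "myuser"},
        "children": {
            "mygroup": {
                "hosts": {
                    "myhost-01": {"hostname": "actualhost1.com", "port": 1234},
                    "myhost-02": {"hostname": "actualhost2.com", "port": 7890},
                    "myhost-03": {"hostname": "actualhost3.com", "port": 8888,
                                  "files": ["/var/log/auth.log"]},
                },
                "vars": {"files": ["/var/log/syslog", "/var/log/foo",
                                   "/var/log/bar"]},
            },
        },
    },
}


def flatten_inventory(groups, inherited=None, out=None):
    """Return {host: settings} with group vars propagated down to hosts."""
    out = {} if out is None else out
    for _name, group in (groups or {}).items():
        group = group or {}  # YAML allows an empty group ("mygroup:")
        # Vars of this group override whatever came from its parent groups.
        scope = {**(inherited or {}), **(group.get("vars") or {})}
        for host, host_vars in (group.get("hosts") or {}).items():
            # Host-level values win over every group-level value.
            merged = {**scope, **(host_vars or {})}
            # Simplification: a host seen in several groups is merged in
            # visit order; Ansible's real sibling-group ordering is not modelled.
            out[host] = {**out.get(host, {}), **merged}
        flatten_inventory(group.get("children"), scope, out)
    return out


if __name__ == "__main__":
    for host, settings in flatten_inventory(INVENTORY).items():
        print(host, settings)
```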