Solved puppet-agent log

[Sparkee]

I'm working on making sure puppet-agent logs are written to /var/log/puppetlabs/puppet/agent.log only.
By creating /etc/syslog.d/puppet.conf with the following content logs are written to the requested files but they are still written to /var/log/messages

!puppet-agent
*.* /var/log/puppetlabs/puppet/agent.log

I edited /etc/syslog.conf with adding puppet-agent.none but this caused

syslogd: exiting on signal 15

*.notice;puppet-agent.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages

And not just puppet-agent but no other logs are written to messages anymore

Any ideas how to solve this?

Ps: editing puppet.conf is not a option

 

[SirDice]

I edited /etc/syslog.conf with adding puppet-agent.none but this caused

puppet-agent is not a valid facility, thus this is an error which causes the entire syslog configuration to fail.

And not just puppet-agent but no other logs are written to messages anymore

Yes, syslogd isn't running anymore, you tried to (re)start it with an invalid configuration.

 

[Sparkee]

Thank you SirDice!
Do you know how to prevent puppet-agent from logging to /var/log/messages?

 

[SirDice]

Was digging around, but so far I can't seem to get it to log to a separate file to begin with.

 

[smithi]

I'm working on making sure puppet-agent logs are written to /var/log/puppetlabs/puppet/agent.log only.
By creating /etc/syslog.d/puppet.conf with the following content logs are written to the requested files but they are still written to /var/log/messages

!puppet-agent
*.* /var/log/puppetlabs/puppet/agent.log

Do you know / can you find out with which facility.level messages are written to that log by puppet-agent?

If something unusual like maybe "localN" (N=0-7) then, as SirDice alluded to, you could use that facility.none in the line for messages.

Any ideas how to solve this?

If facility is unknown there may be something you could try, but a 'spare' facility is the easy way.

 

[SirDice]

What does puppet config print logdest syslogfacility log_level output?

The easiest would be to simply set logdest and logdir in puppet.conf. Or change syslogfacility to local7. But modifying puppet.conf is apparently not an option. By default puppet uses the daemon syslog facility. But filtering that out of /var/log/messages would impact other processes that use the daemon facility for syslog messages too.

 

[Sparkee]

smithi I don't know
SirDice puppet.conf is managed by theforeman-puppet module which is also used to bunch of other Puppet related configuration. However it doesn't have an option to set logdest, that's why it isn't an option.

On Ubuntu I can configure the log file this via /etc/default/puppet

$ cat /etc/default/puppet
# You may specify parameters to the puppet client here
PUPPET_EXTRA_OPTS=--logdest=/var/log/puppetlabs/puppet/agent.log

However I haven't found this option for FreeBSD

$ puppet config print logdest syslogfacility log_level
log_level = notice
logdest =
syslogfacility = daemon

 

[Sparkee]

Note: if we can use rsyslog that's also works.

 

[smithi]

smithi I don't know
SirDice puppet.conf is managed by theforeman-puppet module which is also used to bunch of other Puppet related configuration. However it doesn't have an option to set logdest, that's why it isn't an option.

I see nothing related to puppet-agent at freshports, so gather this isn't ported to FreeBSD as such?

Have you asked maintainer puppet@freebsd.org from other puppet* ports?

$ puppet config print logdest syslogfacility log_level
log_level = notice
logdest =
syslogfacility = daemon

Yes, I expect daemons using daemon facility will use level notice, so if you can't change the facility ...

I'm wondering if I'm reading syslog.conf(5) right, where in the paras beginning 'Each block of lines ...' and 'A program specification ...' it seems to suggest that you could have

!puppet-agent
*.* /var/log/puppetlabs/puppet/agent.log
!-puppet-agent
(line for /var/log/messages)
!*    # clear program spec.
(rest of syslog.conf ...)

caveats:
long shot
can't test it from here
never heard of it before
could be my total fantasy

and you'd have to edit it in /etc/syslog.conf directly.

There must be a better way!

 

[SirDice]

However it doesn't have an option to set logdest, that's why it isn't an option.

This should provide a way to set some variables that aren't explicitly defined in the theforeman/puppet-puppet module.

  $puppet::agent_additional_settings.each |$key,$value| {
    puppet::config::agent { $key: value => $value }
  }

https://github.com/theforeman/puppe...c0d70d986d374c3/manifests/agent/config.pp#L38

So a class like this should set it:

class puppet {
  agent_additional_settings => { logdest => 'puppet-agent.log' },
}

Do you use hiera to set these?

puppet::agent_additional_settings: 
  logdest: 'puppet-agent.log'

I see nothing related to puppet-agent at freshports, so gather this isn't ported to FreeBSD as such?

It's just sysutils/puppet7 or sysutils/puppet8. Before 4.0 you could run it in 'agent' or 'master' mode, but the 'master' mode was removed entirely and nowadays you need to use sysutils/puppetserver7 (or 8) for the server part. You generally run puppet agent -t, hence the 'agent' moniker.

 

[Sparkee]

SirDice horray!
Both the class and the hiera worked, the logs are only written to /var/log/puppetlabs/puppet/agent.log, /var/log/messages stays clean.
Thank you so much ?

Info: Applying configuration version '1686536756'
Notice: /Stage[main]/Puppet::Config/Concat[/usr/local/etc/puppet/puppet.conf]/File[/usr/local/etc/puppet/puppet.conf]/content:
--- /usr/local/etc/puppet/puppet.conf    2023-06-14 19:15:51.018688000 +0000
+++ /tmp/puppet-file20230616-35933-t4x08p    2023-06-16 17:32:38.786305000 +0000
@@ -20,6 +20,7 @@
     default_schedules = false
     environment = lab
     localconfig = $vardir/localconfig
+    logdest = /var/log/puppetlabs/puppet/agent.log
     masterport = 8140
     noop = false
     report = true

With that I can mark this resolved.

 

[Sparkee]

Note: setting this will hide the output of $ sudo puppet agent -t
You can add logdest = /var/log/puppetlabs/puppet/agent.log,console to the config to have the output saved to log and echoed to the console