f5os_logging – Manage logging settings

New in version 1.10.0.

Synopsis

  • Enable / disable remote logging
  • Specify to include hostname
  • Specify remote servers
  • Specify logs and files to forward to the remote server
  • Specify TLS settings (cert, key, trusted CA) for mTLS
  • This Module is not idempotent due to API restrictions

Parameters

Parameter Choices/Defaults Configuration Comments
ca_bundles
list / elements=dictionary
S
p
e
c
i
f
i
e
s
t
h
e
t
r
u
s
t
e
d
C
A
b
u
n
d
l
e
s
f
o
r
m
u
t
u
a
l
T
L
S
w
i
t
h
T
C
P
l
o
g
f
o
r
w
a
r
d
i
n
g
content
string
S
p
e
c
i
f
i
e
s
c
e
r
t
i
f
i
c
a
t
e
f
i
l
e
s
i
n
P
E
M
f
o
r
m
a
t
name
string
S
p
e
c
i
f
i
e
s
t
h
e
n
a
m
e
f
o
r
t
h
e
b
u
n
d
l
e
include_hostname
boolean
    Choices:
  • no
  • yes
S
p
e
c
i
f
i
e
s
w
h
e
t
h
e
r
o
r
n
o
t
t
o
i
n
c
l
u
d
e
t
h
e
h
o
s
t
n
a
m
e
i
n
t
h
e
l
o
g
m
e
s
s
a
g
e
s
remote_forwarding
dictionary
S
p
e
c
i
f
i
e
s
l
o
g
s
a
n
d
f
i
l
e
s
f
o
r
r
e
m
o
t
e
f
o
r
w
a
r
d
i
n
g
enabled
boolean
    Choices:
  • no
  • yes
E
n
a
b
l
e
s
r
e
m
o
t
e
l
o
g
f
o
r
w
a
r
d
i
n
g
files
list / elements=dictionary
S
p
e
c
i
f
i
e
s
t
h
e
f
i
l
e
s
t
o
b
e
s
e
n
t
t
o
r
e
m
o
t
e
s
e
r
v
e
r
s
name
string
S
p
e
c
i
f
i
e
s
t
h
e
f
i
l
e
p
a
t
h
(
s
t
a
r
t
i
n
g
f
r
o
m
t
h
e
l
o
g
d
i
r
e
c
t
o
r
y
)
t
h
a
t
s
h
a
l
l
b
e
f
o
r
w
a
r
d
e
d
logs
list / elements=dictionary
S
p
e
c
i
f
i
e
s
t
h
e
l
o
g
s
t
o
b
e
s
e
n
t
t
o
r
e
m
o
t
e
s
e
r
v
e
r
s
facility
string
F
i
l
t
e
r
l
o
g
s
o
n
f
a
c
i
l
i
t
y
.
severity
string
    Choices:
  • debug
  • informational
  • notice
  • warning
  • error
  • critical
  • alert
  • emergency
S
p
e
c
i
f
y
t
h
e
m
i
n
i
m
u
m
s
e
v
e
r
i
t
y
t
o
b
e
f
o
r
w
a
r
d
e
d
t
o
r
e
m
o
t
e
s
e
r
v
e
r
s
servers
list / elements=dictionary
S
p
e
c
i
f
i
e
s
t
h
e
l
o
g
s
e
r
v
e
r
s
address
string
S
p
e
c
i
f
i
e
s
t
h
e
s
e
r
v
e
r
s
I
P
a
d
d
r
e
s
s
.
authentication
boolean
    Choices:
  • no
  • yes
Specifies if the system uses mutual TLS to transfer logs encrypted and authenticated.
The client certificate and key are to be specified in the tls parameter.
Only applies for protocol(tcp).
logs
list / elements=dictionary
S
p
e
c
i
f
i
e
s
t
h
e
l
o
g
s
t
o
b
e
s
e
n
t
t
o
t
h
i
s
s
p
e
c
i
f
i
c
s
e
r
v
e
r
facility
string
    Choices:
  • local0
  • authpriv
F
i
l
t
e
r
l
o
g
s
o
n
f
a
c
i
l
i
t
y
l
o
c
a
l
0
o
r
a
u
t
h
p
r
i
v
.
severity
string
    Choices:
  • debug
  • informational
  • notice
  • warning
  • error
  • critical
  • alert
  • emergency
S
p
e
c
i
f
y
t
h
e
m
i
n
i
m
u
m
s
e
v
e
r
i
t
y
t
o
b
e
f
o
r
w
a
r
d
e
d
t
o
t
h
i
s
s
e
r
v
e
r
port
integer
S
p
e
c
i
f
i
e
s
t
h
e
t
r
a
n
s
p
o
r
t
l
a
y
e
r
p
o
r
t
protocol
string
    Choices:
  • tcp
  • udp
S
p
e
c
i
f
i
e
s
t
h
e
t
r
a
n
s
p
o
r
t
l
a
y
e
r
p
r
o
t
o
c
o
l
state
string
    Choices:
  • present ←
  • absent
If present, creates/updates the specified setting if necessary.
If absent, deletes the specified setting if it exists.
tls
dictionary
S
p
e
c
i
f
i
e
s
t
h
e
T
L
S
c
e
r
t
i
f
i
c
a
t
e
a
n
d
k
e
y
f
o
r
m
u
t
u
a
l
T
L
S
w
i
t
h
T
C
P
l
o
g
f
o
r
w
a
r
d
i
n
g
certificate
string
S
p
e
c
i
f
i
e
s
t
h
e
T
L
S
c
e
r
t
i
f
i
c
a
t
e
key
string
S
p
e
c
i
f
i
e
s
t
h
e
T
L
S
k
e
y

Examples

- name: Configure TLS settings
  f5os_logging:
    tls:
      certificate: <Cert as PEM>
      key: <KEY as PEM>
    ca_bundles:
      - name: "test"
        content: <Bundle as PEM>
      - name: "test2"
        content: <Bundle as PEM>

- name: Create logservers
  f5os_logging:
    servers:
      - address: 1.2.3.4
        protocol: udp
        port: 514
        logs:
          - facility: local0
            severity: notice
          - facility: authpriv
            severity: notice
      - address: 1.2.3.5
        protocol: udp
        port: 514
        logs:
          - facility: local0
            severity: notice
          - facility: authpriv
            severity: notice

- name: Send hostname
  f5os_logging:
    include_hostname: true

- name: Configure Remote Forwarding
  f5os_logging:
    remote_forwarding:
      enabled: true
      logs:
        - facility: local0
          severity: informational
        - facility: authpriv
          severity: notice
        - facility: auth
          severity: emergency
      files:
        - name: ansible.log
        - name: audit/
        - name: boot.log

- name: Remove logservers
  f5os_logging:
    servers:
      - address: 1.2.3.4
        protocol: udp
        port: 514
        logs:
          - facility: local0
            severity: notice
          - facility: authpriv
            severity: notice
      - address: 1.2.3.5
        protocol: udp
        port: 514
        logs:
          - facility: local0
            severity: notice
          - facility: authpriv
            severity: notice
    state: absent

- name: Disable sending of hostname
  f5os_logging:
    include_hostname: false

- name: Remove Remote Forwarding config
  f5os_logging:
    remote_forwarding:
      enabled: true
      logs:
        - facility: local0
          severity: informational
        - facility: authpriv
          severity: notice
        - facility: auth
          severity: emergency
      files:
        - name: ansible.log
        - name: audit/
        - name: boot.log
    state: absent

- name: Remove TLS settings
  f5os_logging:
    tls:
      certificate: <Cert as PEM>
      key: <KEY as PEM>
    ca_bundles:
      - name: "test"
        content: <Bundle as PEM>
      - name: "test2"
        content: <Bundle as PEM>
    state: absent

Return Values

The following are the fields unique to this module:

Key Returned Description
ca_bundles
string
changed
CA bundles
include_hostname
string
changed
inclusion of hostname in logs
remote_forwarding
string
changed
forwarding settings for log files
servers
string
changed
Remote Log server configs
tls
string
changed
TLS settings


Status

Authors

  • Martin Vogel (@MVogel91)