Add lighttpd ostree pull request log filtering

Ostree repo pull requests generates excessive amounts of lighttpd access log entries. This commit configures syslog-ng to filter out any ostree pull related log entry that returns a 200 status code from the lighttpd access log. This commit only filters requests from the /iso/*/ostree_repo/objects/*/*.filez|.dirtree URL, it does not filter request to the /feed/rel- */ostree_repo/objects/... URL. Test Plan: 1. PASS - Install a subcloud and verify that the ostree pull request messages are filtered out from /var/www/var/log/lighttpd-access.log; 2. PASS - Use curl to request invalid files and verify that requests with status code other than 200 are still being logged. 3. PASS - Do a system bring-up test by creating an image with the applied changes and verify that the system installation succeeds and that the syslog-ng and lighttpd services are working. 4. PASS - Verify that Horizon is still able to do HTTP requests. Partial-Bug: #1998837 Signed-off-by: Gustavo Herzmann <gustavo.herzmann@windriver.com> Change-Id: I637e7f1bae362be98f4b88bbc7c0585d1121fe80
3 months ago · 466b382e36
parent a8357be883
commit 466b382e36
1 changed files with 26 additions and 0 deletions
--- a/syslog-ng-config/debian-source/syslog-ng.conf
+++ b/syslog-ng-config/debian-source/syslog-ng.conf
@ -48,6 +48,11 @@ template t_ima_appraise {
  template-escape(no);
 };

+template t_lighttpd {
+  template ("${MSGONLY}\n");
+  template-escape(no);
+};
+
 # First, set some global options.
 options { chain_hostnames(off); flush_lines(0); use_dns(no); use_fqdn(no);
          owner("root"); group("root"); perm(0640); stats_freq(0);
@ -78,6 +83,13 @@ source s_src {
 # UDP source for HAProxy
 source s_udp { udp(ip(127.0.0.1) port(514)); };

+# Lighttpd chrooted syslog source
+source s_lighttpd { unix-stream("/var/www/dev/log"
+                    create-dirs(yes)
+                    dir-perm(0755)
+                    group("sys_protected")
+                    owner("www")); };
+
 ########################
 # Destinations
 ########################
@ -196,6 +208,9 @@ destination d_ppp { file("/var/log/ppp.log"); };
 # Bash history.
 destination d_bash { file("/var/log/bash.log" owner("root") group("root") perm(0600)); };

+# Lighttpd chrooted access log
+destination d_lighttpd { file("/var/www/var/log/lighttpd-access.log" template(t_lighttpd)); };
+
 ########################
 # Filters
 ########################
@ -293,6 +308,14 @@ filter f_vim_webserver { facility(user) and program(VIM-WEB_); };
 # bash Log Filter
 filter f_bash          { facility(user) and program("^(-)?(ba)?(su|sh)$"); };

+# Lighttpd ostree pull requests (using separated message() functions instead
+# of a single regexp matching the whole message to improve performance)
+filter f_lighttpd      { not(message('] "GET /iso/') and
+                             message('" 200 ') and
+                             message(' "libostree/') and
+                             message('/ostree_repo/objects/') and
+                             message("(?:\.filez|\.dirtree) "))};
+
 ########################
 # Log paths
 ########################
@ -372,6 +395,9 @@ log { source(s_src); filter(f_crit);    destination(d_console); };
 # Bash log Path
 log { source(s_src); filter(f_bash); destination(d_bash); };

+# Lighttpd Log Path
+log { source(s_lighttpd); filter(f_lighttpd); destination(d_lighttpd); };
+
 # sshlog definitions
 #
 template t_sshlog {