cisco.intersight.intersight_syslog_policy module – Syslog Policy configuration for Cisco Intersight

Note

This module is part of the cisco.intersight collection (version 2.2.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.intersight.

To use it in a playbook, specify: cisco.intersight.intersight_syslog_policy.

Synopsis

  • Manages Syslog Policy configuration on Cisco Intersight.

  • This policy configures local logging severity and up to two remote syslog server destinations for managed devices.

  • For more information see Cisco Intersight.

Parameters

Parameter

Comments

api_key_id

string / required

Public API Key ID associated with the private key.

If not set, the value of the INTERSIGHT_API_KEY_ID environment variable is used.

api_private_key

path / required

Filename (absolute path) or string of PEM formatted private key data to be used for Intersight API authentication.

If a string is used, Ansible vault should be used to encrypt string data.

Ex. ansible-vault encrypt_string –vault-id tme@/Users/dsoper/Documents/vault_password_file ‘—–BEGIN EC PRIVATE KEY—–

<your private key data>

—–END EC PRIVATE KEY—–’

If not set, the value of the INTERSIGHT_API_PRIVATE_KEY environment variable is used.

api_uri

string

URI used to access the Intersight API.

If not set, the value of the INTERSIGHT_API_URI environment variable is used.

Default: "https://intersight.com/api/v1"

description

aliases: descr

string

The user-defined description for the Syslog Policy.

first_remote_logging_enabled

boolean

If true, enables the first remote syslog server destination.

Choices:

  • false ← (default)

  • true

first_remote_logging_hostname

string

Hostname or IP Address of the first syslog server where log should be stored.

This parameter is required if first_remote_logging_enabled is true.

first_remote_logging_minimum_severity

string

Lowest level of messages to be included in the first remote log.

Choices:

  • "warning" ← (default)

  • "emergency"

  • "alert"

  • "critical"

  • "error"

  • "notice"

  • "informational"

  • "debug"

first_remote_logging_port

integer

Port number used for logging on first syslog server.

Default: 514

first_remote_logging_protocol

string

Transport layer protocol for transmission of log messages to first syslog server.

Choices:

  • "udp" ← (default)

  • "tcp"

local_logging_minimum_severity

string

Lowest level of messages to be included in the local log.

Choices:

  • "warning" ← (default)

  • "emergency"

  • "alert"

  • "critical"

  • "error"

  • "notice"

  • "informational"

  • "debug"

name

string / required

The name assigned to the Syslog Policy.

organization

string

The name of the Organization this resource is assigned to.

Default: "default"

second_remote_logging_enabled

boolean

If true, enables the second remote syslog server destination.

Choices:

  • false ← (default)

  • true

second_remote_logging_hostname

string

Hostname or IP Address of the second syslog server where log should be stored.

This parameter is required if second_remote_logging_enabled is true.

second_remote_logging_minimum_severity

string

Lowest level of messages to be included in the second remote log.

Choices:

  • "warning" ← (default)

  • "emergency"

  • "alert"

  • "critical"

  • "error"

  • "notice"

  • "informational"

  • "debug"

second_remote_logging_port

integer

Port number used for logging on second syslog server.

Default: 514

second_remote_logging_protocol

string

Transport layer protocol for transmission of log messages to second syslog server.

Choices:

  • "udp" ← (default)

  • "tcp"

state

string

If present, will verify the resource is present and will create if needed.

If absent, will verify the resource is absent and will delete if needed.

Choices:

  • "present" ← (default)

  • "absent"

tags

list / elements=dictionary

List of tags in Key:<user-defined key> Value:<user-defined value> format.

use_proxy

boolean

If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.

Choices:

  • false

  • true ← (default)

validate_certs

boolean

Boolean control for verifying the api_uri TLS certificate

Choices:

  • false

  • true ← (default)

Examples

- name: Create a Syslog Policy with one remote server enabled
  cisco.intersight.intersight_syslog_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "Syslog-Policy-PROD"
    description: "Syslog policy for production servers"
    tags:
      - Key: "Env"
        Value: "Production"
    local_logging_minimum_severity: "notice"
    first_remote_logging_enabled: true
    first_remote_logging_hostname: "10.10.10.50"
    first_remote_logging_port: 514
    first_remote_logging_protocol: "udp"
    first_remote_logging_minimum_severity: "informational"

- name: Create a Syslog Policy with only local logging configured
  cisco.intersight.intersight_syslog_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "Syslog-Policy-Local-Only"
    description: "Send only critical local logs"
    local_logging_minimum_severity: "critical"

- name: Delete a Syslog Policy
  cisco.intersight.intersight_syslog_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "Syslog-Policy-PROD"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

api_repsonse

dictionary

The API response output returned by the specified resource.

Returned: always

Sample: {"api_response": {"LocalClients": [{"ClassId": "syslog.LocalFileLoggingClient", "MinSeverity": "critical", "ObjectType": "syslog.LocalFileLoggingClient"}], "Name": "Syslog-Policy-Local-Only", "ObjectType": "syslog.Policy", "Tags": []}}

Authors

  • Ron Gershburg (@rgershbu)