Skip to content

Commit

Permalink
improvement(syslog-ng): filter audit prints
Browse files Browse the repository at this point in the history
since in recent release of scylla audit is enabled by default
we are filtering it by default for the time being.

in some nemesis code we are doing lots of seperate commands which
generate too many audit events, that make our logging system out
of sync with the test flow, and generate false positives.
  • Loading branch information
fruch committed Dec 9, 2024
1 parent ca9d4de commit 1427fcc
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion sdcm/provision/common/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,13 @@ def configure_syslogng_target_script(hostname: str = "") -> str:
write_syslog_ng_destination
if ! grep -P "log {{.*destination\\\\(remote_sct\\\\)" /etc/syslog-ng/syslog-ng.conf; then
echo "log {{ source($source_name); destination(remote_sct); }};" >> /etc/syslog-ng/syslog-ng.conf
echo "
filter filter_sct {{
# filter audit out
not program(\\"^audit\\");
}};
" >> /etc/syslog-ng/syslog-ng.conf
echo "log {{ source($source_name); filter(filter_sct); destination(remote_sct); }};" >> /etc/syslog-ng/syslog-ng.conf
fi
if [ ! -z "{hostname}" ]; then
Expand Down

0 comments on commit 1427fcc

Please sign in to comment.