openstack
/
ansible-role-collect-logs
Code Issues Proposed changes

use sova to check for selinux denials 

sova is already parsing logs for common errors.
Should be an easy win to flag selinux denials

Change-Id: I5afd3998cce051905f7a972089230003a0a59d87
This commit is contained in:
Wes Hayutin 2020-09-11 07:17:35 -06:00
parent f8b71834a1
commit 0d20ac4696
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
tasks/sova.yml
View File

@ -13,5 +13,6 @@
"ironic-conductor": "/var/log/containers/ironic/ironic-conductor.log" "ironic-conductor": "/var/log/containers/ironic/ironic-conductor.log"
syslog: "/var/log/journal.txt" syslog: "/var/log/journal.txt"
logstash: "/var/log/extra/logstash.txt" logstash: "/var/log/extra/logstash.txt"
selinux: "/var/log/extra/denials.txt"
result: "{{ ansible_user_dir }}/workspace/logs/failures_file" result: "{{ ansible_user_dir }}/workspace/logs/failures_file"
result_file_dir: "{{ ansible_user_dir }}/workspace/logs" result_file_dir: "{{ ansible_user_dir }}/workspace/logs"

6
vars/sova-patterns.yml
View File

@ -775,3 +775,9 @@ patterns:
msg: 'Introspection failed, cannot get IP address' msg: 'Introspection failed, cannot get IP address'
tag: 'infra' tag: 'infra'
pattern: 'socket.error: [Errno 99] Cannot assign requested address' pattern: 'socket.error: [Errno 99] Cannot assign requested address'
"selinux":
- id: 700
logstash: 'denied'
msg: 'selinux denials found'
tag: 'code'
pattern: 'denied'