[202305][rsyslog]: Remote logging with the highest rule priority (#21993)

nazariig · web-flow · commit e974ff3e524c · 2025-05-06T11:18:33.000+08:00
Why I did it This fix resolves issue with missing certain types of messages while forwarding to the remote server. Basically, this moves remote syslog forwarding rules to be executed before any other instructions take place, so everything received by a local syslog instance will be forwarded to the remote machine. The fix allows remote forwarding of messages defined as: https://github.com/sonic-net/sonic-buildimage/blob/master/files/image_config/rsyslog/rsyslog.d/00-sonic.conf.j2 Work item tracking N/A How I did it Moved rsyslog remote forwarding rules to be on top of other syslog instructions How to verify it Enable remote syslog forwarding Check for message patterns defined as 00-sonic.conf.j2
diff --git a/files/image_config/rsyslog/rsyslog.conf.j2 b/files/image_config/rsyslog/rsyslog.conf.j2
@@ -58,34 +58,6 @@ template(name="WelfRemoteFormat" type="string" string="%TIMESTAMP% id=firewall t
 :::date-year%-%timereported:::date-month%-%timereported:::date-day% %timereported:::date-hour%:%timereported:::date-minute%:%timereported\
 :::date-second%\" fw=\"{{ fw_name }}\" pri=%syslogpriority% msg=\"%syslogtag%%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\"\n")
 
-#
-# Set the default permissions for all log files.
-#
-$FileOwner root
-$FileGroup adm
-$FileCreateMode 0640
-$DirCreateMode 0755
-$Umask 0022
-
-#
-# Where to place spool and state files
-#
-$WorkDirectory /var/spool/rsyslog
-
-#
-# Include all config files in /etc/rsyslog.d/
-#
-$IncludeConfig /etc/rsyslog.d/*.conf
-
-#
-# Suppress duplicate messages and report "message repeated n times"
-#
-$RepeatedMsgReduction on
-
-###############
-#### RULES ####
-###############
-
 #
 # Remote syslog logging
 #
@@ -128,3 +100,31 @@ $RepeatedMsgReduction on
 *.{{ severity }}
 action(type="omfwd" Target="{{ server }}" Port="{{ port }}" Protocol="{{ proto }}" Template="{{ template }}"{{ options }})
 {% endfor %}
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+#
+# Suppress duplicate messages and report "message repeated n times"
+#
+$RepeatedMsgReduction on
+
+###############
+#### RULES ####
+###############
diff --git a/src/sonic-config-engine/setup.cfg b/src/sonic-config-engine/setup.cfg
@@ -0,0 +1,2 @@
+[aliases]
+test=pytest
diff --git a/src/sonic-config-engine/tests/test_cfggen_from_yang.py b/src/sonic-config-engine/tests/test_cfggen_from_yang.py
@@ -104,12 +104,10 @@ def test_portchannel_table(self):
         assert(output == \
             {'PortChannel1001': {'admin_status': 'up',
                       'lacp_key': 'auto',
-                      'members': ['Ethernet0', 'Ethernet4'],
                       'min_links': '1',
                       'mtu': '9100'},
             'PortChannel1002': {'admin_status': 'up',
                       'lacp_key': 'auto',
-                      'members': ['Ethernet16', 'Ethernet20'],
                       'min_links': '1',
                       'mtu': '9100'}})
 
@@ -194,7 +192,8 @@ def test_acl_rule(self):
             "EVERFLOW|Rule2": {
                 "DST_IP": "192.169.10.1/32",
                 "SRC_IP": "10.10.1.1/16",
-                "IP_TYPE": "IPV4"
+                "IP_TYPE": "IPV4",
+                "PRIORITY": "101"
             }
         })
 
diff --git a/src/sonic-config-engine/tests/test_yang_data.json b/src/sonic-config-engine/tests/test_yang_data.json
@@ -98,21 +98,13 @@
             "PORTCHANNEL_LIST": [
                 {
                     "admin_status": "up",
-                    "members": [
-                        "Ethernet0",
-                        "Ethernet4"
-                    ],
                     "min_links": "1",
                     "mtu": "9100",
                     "lacp_key": "auto",
                     "name": "PortChannel1001"
                 },
                 {
                     "admin_status": "up",
-                    "members": [
-                        "Ethernet16",
-                        "Ethernet20"
-                    ],
                     "min_links": "1",
                     "mtu": "9100",
                     "lacp_key": "auto",
@@ -300,7 +292,8 @@
                     "DST_IP": "192.169.10.1/32",
                     "SRC_IP": "10.10.1.1/16",
                     "IP_TYPE": "IPV4",
-                    "RULE_NAME": "Rule2"
+                    "RULE_NAME": "Rule2",
+                    "PRIORITY": 101
                 }
             ]
         }
