From b8d09dee65214dbe03761451a8e8f601d35d7413 Mon Sep 17 00:00:00 2001 From: Steve Smith Date: Tue, 4 Feb 2020 09:02:52 +1100 Subject: [PATCH] DCD-930: Consolidate log definitions and forward audit logs to cloudwatch. --- group_vars/aws_node_local.yml | 25 ++++++++++++------- roles/aws_common/defaults/main.yml | 7 ++++-- .../templates/amazon-cloudwatch-agent.json.j2 | 14 +++-------- 3 files changed, 24 insertions(+), 22 deletions(-) diff --git a/group_vars/aws_node_local.yml b/group_vars/aws_node_local.yml index bed9cb2..bf6b6f6 100644 --- a/group_vars/aws_node_local.yml +++ b/group_vars/aws_node_local.yml @@ -34,20 +34,27 @@ atl_product_installation_versioned: "{{ atl_product_installation_base }}/{{ atl_ atl_product_installation_current: "{{ atl_product_installation_base }}/current" atl_installer_temp: "{{ atl_installation_base }}/tmp" -atl_product_log_locations: +atl_product_logs_default: &logs_default + - path: "{{ atl_product_installation_current }}/logs/*" + type: product + - path: "{{ atl_product_home }}/logs/*" + type: product + - path: "{{ atl_product_home }}/logs/audit/*" + type: audit + - path: "/var/log/ansible-bootstrap.log" + type: provisioning + - path: "/var/log/cfn-*.log" + type: provisioning + +atl_product_logs: confluence: - - "{{ atl_product_installation_current }}/logs" - - "{{ atl_product_home }}/logs" + *logs_default jira: - - "{{ atl_product_installation_current }}/logs" - - "{{ atl_product_home }}/log" + *logs_default stash: - - "{{ atl_product_home }}/log" + *logs_default crowd: [] -atl_provisioner_log_locations: - - "/var/log/ansible-bootstrap.log" - - "/var/log/cfn-*.log" # The following are imports from the environment. These are generally # set in /etc/atl by the CloudFormation template and sourced before diff --git a/roles/aws_common/defaults/main.yml b/roles/aws_common/defaults/main.yml index d43b4c4..4aa3f4c 100644 --- a/roles/aws_common/defaults/main.yml +++ b/roles/aws_common/defaults/main.yml 
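Review bot: The shared `&logs_default` list only globs `{{ atl_product_home }}/logs/*`, but the removed jira and stash entries pointed at `{{ atl_product_home }}/log` (singular), so on those families the home-directory product logs, and presumably the audit logs beside them, would stop reaching CloudWatch without any error. If the singular directory is still what those products write to, add `- path: "{{ atl_product_home }}/log/*"` with `type: product`, and confirm the matching audit directory before relying on the `audit` group for detection. `crowd: []` also drops the provisioning logs that the old `atl_provisioner_log_locations` list shipped for every family; a crowd entry holding just the two `/var/log` paths would keep them. A comment above the anchor noting that `*logs_default` only resolves inside this vars file would help anyone who later tries to reuse it elsewhere.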
@@ -10,5 +10,8 @@ atl_aws_enable_cloudwatch_logs: false # Mostly for molecule testing, as skip-tags doesn't work with handlers. atl_aws_agent_restart: true -atl_aws_log_group: "{{ atl_product_edition }}-{{ atl_aws_stack_name }}" -atl_aws_provisioning_log_group: "{{ atl_aws_log_group }}-provisioning" +atl_aws_log_group_base: "{{ atl_product_edition }}-{{ atl_aws_stack_name }}" +atl_aws_log_groups: + product: "{{ atl_aws_log_group_base }}" + audit: "{{ atl_aws_log_group_base }}-audit" + provisioning: "{{ atl_aws_log_group_base }}-provisioning" diff --git a/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 b/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 index 81caac2..cebec1e 100644 --- a/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 +++ b/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 @@ -11,19 +11,11 @@ "collect_list": [ {% set comma = joiner(',') %} - {% for path in atl_product_log_locations[atl_product_family] %} + {% for logspec in atl_product_logs[atl_product_family] %} {{ comma() }} { - "file_path": "{{ path }}/*", - "log_group_name": "{{ atl_aws_log_group }}", - "log_stream_name": "{instance_id}" - } - {% endfor %} - {% for path in atl_provisioner_log_locations %} - {{ comma() }} - { - "file_path": "{{ path }}", - "log_group_name": "{{ atl_aws_provisioning_log_group }}", + "file_path": "{{ logspec.path }}", + "log_group_name": "{{ atl_aws_log_groups[logspec.type] }}", "log_stream_name": "{instance_id}" } {% endfor %}
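Review bot: The keys of `atl_aws_log_groups` are an implicit contract with the `type` values in `atl_product_logs`, and nothing here says so; a comment such as `# Keys must match the 'type' field of each atl_product_logs entry` above the mapping would make that visible. Renaming `atl_aws_log_group` to `atl_aws_log_group_base` and dropping `atl_aws_provisioning_log_group` means any inventory or stack parameter that still sets the old names is silently ignored, so it is worth checking for references outside this patch. The new `-audit` group only gets a name here; its retention and who may read it are presumably managed elsewhere and should be confirmed, since audit records usually warrant tighter access than product logs.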
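Review bot: The loop now uses `logspec.path` verbatim where the old template appended `/*`, so an override that still lists directories would render a `file_path` that matches no files, and the agent would ship nothing for it without reporting an error. A template comment above the loop, `{# logspec.path is a file glob; logspec.type must be a key of atl_aws_log_groups #}`, would document both requirements. A `type` with no matching key should fail at render time under Ansible's default undefined handling, but that is worth confirming in the molecule tests, since an empty `log_group_name` could send audit records somewhere unintended. The surrounding JSON document starts and ends outside this hunk.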