From 7056507aa9f44e87d43de071d43ec94256b8bf76 Mon Sep 17 00:00:00 2001
From: Patrick Toal <ptoal@takeflight.ca>
Date: Thu, 18 Jan 2024 07:59:42 -0500
Subject: [PATCH] Working alertmanager source.  Starting playbook to clean
 logfiles

---
 playbooks/clean_logs.yml            | 23 ++++++++++++++++++++++
 rulebooks/alertmanager_listener.yml | 30 +++++++++++++++++------------
 2 files changed, 41 insertions(+), 12 deletions(-)
 create mode 100644 playbooks/clean_logs.yml

diff --git a/playbooks/clean_logs.yml b/playbooks/clean_logs.yml
new file mode 100644
index 0000000..cf87152
--- /dev/null
+++ b/playbooks/clean_logs.yml
@@ -0,0 +1,23 @@
+---
+- name: Clean log directory
+  hosts: all
+  tasks:
+    - name: Find files in directory ending in .log or .log.tgz larger than 1GB
+      ansible.builtin.find:
+        paths: /var/log
+        patterns: '*.log,*.log.tgz'
+        size: 1g
+      register: logfiles
+
+   #  - name: Copy files to archive server
+   #    ansible.builtin.copy:
+   #      src: "{{ item.path }}"
+   #      dest: "{{ archive_server_path }}/{{ item.path | basename }}"
+   #    delegate_to: "{{ archive_server }}"
+   #    loop: "{{ logfiles.files |flatten(levels=1) }}"
+
+    - name: Delete files
+      ansible.builtin.file:
+        path: "{{ item.path }}"
+        state: absent
+      loop: "{{ logfiles.files | flatten(levels=1) }}"
diff --git a/rulebooks/alertmanager_listener.yml b/rulebooks/alertmanager_listener.yml
index 8a74456..c326dd9 100644
--- a/rulebooks/alertmanager_listener.yml
+++ b/rulebooks/alertmanager_listener.yml
@@ -10,15 +10,21 @@
     - name: Run Template
       condition:
         all:
-          - event.alert.labels.org == "OYS"
-          - event.alert.labels.alertname == "root filesystem over 80% full"
-          - event.alert.labels.mountpoint == '/'
-      action:
-        run_job_template:
-          name: Demo - Clean Log Directory
-          organization: OYS
-          job_args:
-            extra_vars:
-              alertmanager_annotations: "{{ event.annotations }}"
-              alertmanager_generator_url: "{{ event.generatorURL }}"
-              event_mountpoint: "{{ event.mountpoint }}"
+          - event.alert.labels.org == "OYS" and event.alert.status == "firing" and event.alert.labels.alertname == "root filesystem over 80% full"
+      actions:
+        - print_event:
+            pretty: true
+        - run_job_template:
+            name: Demo - Clean Log Directory
+            organization: OYS
+            job_args:
+              extra_vars:
+                alertmanager_annotations: "{{ event.alert.annotations }}"
+                alertmanager_generator_url: "{{ event.alert.generatorURL }}"
+                event_mountpoint: "{{ event.alert.labels.mountpoint }}"
+                alertmanager_instance: "{{ event.alert.labels.instance }}"
+    - name: Test Contact Point
+      condition: event.alert.labels.alertname == "TestAlert" or event.alert.labels.org == "OYS"
+      actions:
+        - print_event:
+            pretty: true