From 01d239e76364f5761508c0a307eb15d171065cbb Mon Sep 17 00:00:00 2001
From: Armando Acosta <armando.acosta@oracle.com>
Date: Fri, 9 Aug 2024 14:11:49 -0600
Subject: [PATCH] Add ansible remediation

For rsyslog_cron_logging rule

Signed-off-by: Armando Acosta <armando.acosta@oracle.com>
---
 .../rsyslog_cron_logging/ansible/shared.yml   | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/ansible/shared.yml

diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/ansible/shared.yml b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/ansible/shared.yml
new file mode 100644
index 00000000000..4b39d6207d5
--- /dev/null
+++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/ansible/shared.yml
@@ -0,0 +1,27 @@
+# platform = multi_platform_all
+# reboot = false
+# strategy = configure
+# complexity = low
+# disruption = low
+
+-   name: "{{{ rule_title }}} - Search if cron configuration exists"
+    ansible.builtin.command: 'grep -s "^\s*cron\.\*\s*/var/log/cron$" /etc/rsyslog.conf /etc/rsyslog.d/*.conf'
+    register: cron_log_config_exists
+    failed_when: false
+
+-   name: "{{{ rule_title }}} - Ensure the /etc/rsyslog.d directory exists"
+    ansible.builtin.file:
+        path: /etc/rsyslog.d
+        state: directory
+
+-   name: "{{{ rule_title }}} - Add cron log configuration line"
+    ansible.builtin.lineinfile:
+        path: /etc/rsyslog.d/cron.conf
+        line: "cron.*  /var/log/cron"
+        create: true
+    when: cron_log_config_exists.stdout_lines | length == 0
+
+-   name: "{{{ rule_title }}} - Restart the rsyslog service now"
+    ansible.builtin.service:
+        name: rsyslog
+        state: restarted