Review syslog SOP

Signed-off-by: Michal Konečný <mkonecny@redhat.com>

modules/sysadmin_guide/nav.adoc

@@ -104,7 +104,7 @@
 ** xref:sshknownhosts.adoc[SSH known hosts Infrastructure - SOP]
 ** xref:staging.adoc[Staging - SOP]
 ** xref:status-fedora.adoc[Fedora Status Service - SOP]
-** xref:syslog.adoc[syslog - SOP in review ]
+** xref:syslog.adoc[Log Infrastructure - SOP]
 ** xref:tag2distrepo.adoc[tag2distrepo - SOP in review ]
 ** xref:torrentrelease.adoc[torrentrelease - SOP in review ]
 ** xref:unbound.adoc[unbound - SOP in review ]

modules/sysadmin_guide/pages/syslog.adoc

@@ -13,10 +13,8 @@ Owner:::
   Fedora Infrastructure Team
 Contact:::
   #fedora-admin, sysadmin-main
-Location:::
-  Phoenix
 Servers:::
-  log01.phx2.fedoraproject.org
+  log01.iad2.fedoraproject.org
 Purpose:::
   Provides our central logs and reporting
 
@@ -38,14 +36,11 @@ These logs are maintained forever, practically, or for as long as we
 possibly can. They are broken out into a `$hostname/$YEAR/$MON/$DAY`
 directory structure so we can locate a specific day's log immediately.
 * Log reports generated by epylog: Log reports generated by epylog are
-outputted to /srv/web/epylog/merged
-+
-The reports are accessible via a web browser from
-https://admin.fedoraproject.org/epylog/merged/
+outputted to `/srv/web/epylog/merged`
 +
 This path requires a username and a password to access. To add your
 username and password you must first join the sysadmin-logs group then
-login to `log01.phx2.fedoraproject.org` and run this command:
+login to `log01.iad2.fedoraproject.org` and run this command:
 +
 ....
 htpasswd -m /srv/web/epylog/.htpasswd $your_username
@@ -55,20 +50,19 @@ when prompted for a password please input a password which is NOT YOUR
 FEDORA ACCOUNT SYSTEM PASSWORD.
 
 [IMPORTANT]
-.Important
 ====
 Let's say that again to be sure you got it:
 
-DO _link:[NOT] HAVE THIS BE THE SAME AS YOUR FAS PASSWORD
+DO *NOT* HAVE THIS BE THE SAME AS YOUR FAS PASSWORD
 ====
 
-== Configs:
+== Configs
 
 Epylog configs are controlled by ansible - please see the ansible epylog
 module for more details. Specifically the files in
 `roles/epylog/files/merged/`
 
-=== Generating a one-off epylog report:
+=== Generating a one-off epylog report
 
 If you wish to generate a specific log report you will need to run the
 following command on log01:
@@ -81,7 +75,7 @@ You can replace '5h' with other time measurements to control the amount
 of time you want to view from the merged logs. This will mail a report
 notification to all the people in the sysadmin-logs group.
 
-=== Audit logs, centrally:
+=== Audit logs, centrally
 
 We've taken the audit logs and enabled our rsyslogd on the hosts to
 relay the audit log contents to our central log server.
@@ -114,7 +108,6 @@ allow syslogd_t auditd_log_t:file { getattr read open };
 END selinux policy module
 ____
 
-[arabic, start=2]
 . add config to rsyslog on the clients to repeatedly send all changes to
 their audit.log file to the central syslog server as local6:
 +
@@ -135,7 +128,6 @@ ____
 then modify your emitter to the syslog server to send local6.* there
 ____
 
-[arabic, start=3]
 . on the syslog server - setup log destinations for:
 * merged audit logs of all hosts explicitly drop any non-AVC audit
 message here) magic exclude line is:
@@ -161,7 +153,7 @@ grep 'hostname' /var/log/merged/audit.log | sed 's/^.*tag_audit_log: //' | audit
 the sed is to remove the log prefix garbage from syslog transferring the
 msg
 
-== Future:
+== Future
 
 * additional log reports for errors from http processes or servers
 * SEC Simple Event Coordinator to report, immediately, on events from a