Home > ServerTemplates > v13.5 LTS > ST > Logging with rsyslog (v13.5 LTS)

MindTouch
Copyright (c) 2006-2014 MindTouch Inc.
http://mindtouch.com

This file and accompanying files are licensed under the MindTouch Master Subscription Agreement (MSA).

At any time, you shall not, directly or indirectly: (i) sublicense, resell, rent, lease, distribute, market, commercialize or otherwise transfer rights or usage to: (a) the Software, (b) any modified version or derivative work of the Software created by you or for you, or (c) MindTouch Open Source (which includes all non-supported versions of MindTouch-developed software), for any purpose including timesharing or service bureau purposes; (ii) remove or alter any copyright, trademark or proprietary notice in the Software; (iii) transfer, use or export the Software in violation of any applicable laws or regulations of any government or governmental agency; (iv) use or run on any of your hardware, or have deployed for use, any production version of MindTouch Open Source; (v) use any of the Support Services, Error corrections, Updates or Upgrades, for the MindTouch Open Source software or for any Server for which Support Services are not then purchased as provided hereunder; or (vi) reverse engineer, decompile or modify any encrypted or encoded portion of the Software.

A complete copy of the MSA is available at http://www.mindtouch.com/msa

Logging with rsyslog (v13.5 LTS)

Table of Contents    

Long Term Support

Stable, tested ServerTemplate assets

   ►  Overview

 

Description

Launch a dedicated logging server that serves as a central logging destination for servers in a deployment. It can also be used to integrate with other 3rd party logging providers.

Technical Overview

Software Application Versions

  • Rsyslog 5.8

Authentication

Use the SSL Certificate input to establish secure encrypted connections (using Stunnel) between the rsyslog server and its clients by using the SSL certificate and key for authentication purposes. By default, the input is set to use a credential called LOGGING_SSL_CRED. Therefore, you should create a credential called LOGGING_SSL_CRED that contains both the SSL certificate and key.

Security and Firewall Permissions

By default, log data is sent to the logging server using the UDP protocol (Logging Protocol) on port 514. If you are launching the rsyslog server in a cloud that uses security groups (i.e. Amazon EC2), you must create a security group with UDP port 514 open so that the rsyslog server can collect log data from each client server.

RELP Support for Log Data Delivery

Rsyslog includes support for the reliable event logging protocol (RELP), which guarantees delivery of event logging messages. When a connection is lost, you cannot reliably detect whether or not the last messages sent actually reached their destination. Unlike the syslog protocol, RELP works with a backchannel, over which information about received messages is conveyed back to the sender. This enables RELP to know which messages have been properly received when a connection has been lost.

Log Example

Log data for all rsyslog client servers is saved locally on the rsyslog server in /var/log/messages with the client's private IP address (if available) as a prefix for identification purposes. (e.g. ip-10-244-165-15)  See example output below.

# Note: When using newer images (>5.8/13.4), ensure that you have the 'server_superuser' permission to the Rightscale account where the server is running in order to gain root privileges using the sudo command (Settings > Account Settings > Users).
# sudo -i
# tail -f /var/log/messages
...
Feb 13 17:39:26 ip-10-245-20-219 RightLink[1340]: 17:39:26:   Updating iptables rule for IP Address: 10.253.39.203
Feb 13 17:39:26 ip-10-245-20-219 RightLink[1340]: 17:39:26: ruby_block[Adding firewall rule] called
Feb 13 17:39:26 ip-10-245-20-219 RightLink[1340]: 17:39:26: Chef Run complete in 3.178113 seconds
Feb 13 17:39:26 ip-10-245-20-219 RightLink[23782]: [cook] Disconnecting from agent (4 responses pending)
Feb 13 17:39:26 ip-10-245-20-219 RightLink[1340]: SEND b1 [push v20] (394 bytes) <> <1bd563311b78c96f4cbf2bb1ef942d8d> /updater/update_inputs, persistent
Feb 13 17:39:26 ip-10-245-20-219 RightLink[23782]: [cook] Process stopping
Feb 13 17:39:28 ip-10-245-27-18 RightLink[2385]: Converging
Feb 13 17:39:28 ip-10-245-27-18 RightLink[2385]: 17:39:28: *** Chef 0.10.10.2 ***
Feb 13 17:39:29 ip-10-245-27-18 RightLink[18907]: Opening new HTTP connection to 169.254.169.254:80

Log Data Backups

The ServerTemplate does not have built-in support for storing log data on volumes. It also does not contain any scripts that support backups of the log files. All log entries are stored locally on the rsyslog server's ephemeral drive and will be lost when the server is terminated. Therefore, you should only use his ServerTemplate for development and testing purposes only. If log data must persist after the logging server is terminated, you should consider using a third-party logging service or application such as Loggly or Splunk.

You must to post a comment.
Last Modified
13:39, 11 Sep 2013

Tags

Classifications

This page has no classifications.

Announcements

None

Glossary | 用語용어 Site Map | Site Help Community Corporate Site Get Support Dashboard Login
Doc Feedback Product Feedback Resources MultiCloud Marketplace Forums

Dashboard Status


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.