mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
92 lines
2.8 KiB
Plaintext
92 lines
2.8 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * logging/efk-logging-external.adoc
|
|
|
|
[id="efk-logging-external-syslog_{context}"]
|
|
= Configuring log collector to send logs to an external syslog server
|
|
|
|
Use the `fluent-plugin-remote-syslog` plug-in on the host to send logs to an
|
|
external syslog server.
|
|
|
|
////
|
|
[NOTE]
|
|
====
|
|
For Rsyslog, you can edit the Rsyslog ConfigMap to add support for Syslog log forwarding using the *omfwd* module, see link:https://www.rsyslog.com/doc/v8-stable/configuration/modules/omfwd.html[omfwd: syslog Forwarding Output Module]. To send logs to a different Rsyslog instance, you can the *omrelp* module, see link:https://www.rsyslog.com/doc/v8-stable/configuration/modules/omrelp.html[omrelp: RELP Output Module].
|
|
====
|
|
////
|
|
|
|
.Prerequisite
|
|
|
|
Set cluster logging to the unmanaged state.
|
|
|
|
.Procedure
|
|
|
|
. Set environment variables in the `fluentd` daemonset in the `openshift-logging` project:
|
|
+
|
|
[source,yaml]
|
|
----
|
|
spec:
|
|
template:
|
|
spec:
|
|
containers:
|
|
- name: fluentd
|
|
image: 'registry.redhat.io/openshift4/ose-logging-fluentd:v4.1'
|
|
env:
|
|
- name: REMOTE_SYSLOG_HOST <1>
|
|
value: host1
|
|
- name: REMOTE_SYSLOG_HOST_BACKUP
|
|
value: host2
|
|
- name: REMOTE_SYSLOG_PORT_BACKUP
|
|
value: 5555
|
|
----
|
|
<1> The desired remote syslog host. Required for each host.
|
|
+
|
|
This will build two destinations. The syslog server on `host1` will be
|
|
receiving messages on the default port of `514`, while `host2` will be receiving
|
|
the same messages on port `5555`.
|
|
|
|
. Alternatively, you can configure your own custom the `fluentd` daemonset in the `openshift-logging` project.
|
|
+
|
|
**Fluentd Environment Variables**
|
|
+
|
|
[cols="3,7",options="header"]
|
|
|===
|
|
|Parameter |Description
|
|
|
|
|`USE_REMOTE_SYSLOG`
|
|
|Defaults to `false`. Set to `true` to enable use of the
|
|
`fluent-plugin-remote-syslog` gem
|
|
|
|
|`REMOTE_SYSLOG_HOST`
|
|
|(Required) Hostname or IP address of the remote syslog server.
|
|
|
|
|`REMOTE_SYSLOG_PORT`
|
|
|Port number to connect on. Defaults to `514`.
|
|
|
|
|`REMOTE_SYSLOG_SEVERITY`
|
|
|Set the syslog severity level. Defaults to `debug`.
|
|
|
|
|`REMOTE_SYSLOG_FACILITY`
|
|
|Set the syslog facility. Defaults to `local0`.
|
|
|
|
|`REMOTE_SYSLOG_USE_RECORD`
|
|
|Defaults to `false`. Set to `true` to use the record's severity and facility fields to set on the syslog message.
|
|
|
|
|`REMOTE_SYSLOG_REMOVE_TAG_PREFIX`
|
|
|Removes the prefix from the tag, defaults to `''` (empty).
|
|
|
|
|`REMOTE_SYSLOG_TAG_KEY`
|
|
|If specified, uses this field as the key to look on the record, to set the tag on the syslog message.
|
|
|
|
|`REMOTE_SYSLOG_PAYLOAD_KEY`
|
|
|If specified, uses this field as the key to look on the record, to set the payload on the syslog message.
|
|
|
|
|===
|
|
+
|
|
[WARNING]
|
|
====
|
|
This implementation is insecure, and should only be used in environments
|
|
where you can guarantee no snooping on the connection.
|
|
====
|
|
|