Differences between revisions 1 and 3 (spanning 2 versions)
Revision 1 as of 2021-04-10 15:39:50
Revision 3 as of 2022-09-24 04:14:24

'''`syslog(8)`''' is a logging facility that also supports routing log messages over the network.
== Installation ==

In most distributions, the best implementation of a syslog daemon is `syslog-ng`.

The BSDs offer a `syslogd` package.

For [[Docker]] or [[Podman]] containers, use the `balabit/syslog-ng` image. This is the correct upstream project.

----



== Configuration ==



=== Syslog-Ng ===

A basic configuration for `syslog-ng(8)` is:

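{{{
# Listen for syslog messages from containers on all interfaces, TCP port 601.
source src_my_containers {
  tcp(ip("0.0.0.0") port(601));
};

# Forward to the promtail host over TCP port 601.
destination dest_my_promtail {
  syslog("my-promtail-hostname" transport("tcp") port(601));
};

# Route everything from the source to the destination.
log {
  source(src_my_containers);
  destination(dest_my_promtail);
};
}}}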

This would be written to `/etc/syslog-ng/syslog-ng.conf`.



=== Syslogd ===

The BSD `syslogd(8)` needs different configuration on the client and on the server.

First, the service should be started on the client with:

{{{
syslogd_enable="YES"
syslogd_flags="-s"
}}}

The `-s` flag stops this client from accepting messages from remote hosts.

Second, the service should be started on the server with:

{{{
syslogd_enable="YES"
syslogd_flags="-a client.example.com"
}}}

This allows accepting messages from `client.example.com`.

The services should be configured in `/etc/syslog.conf`. Note that the patterns and directives can be separated by spaces or tabs.

For the server, try:

{{{
+client.example.com
*.* /var/log/client.log
}}}

For the client, try:

{{{
*.* @server.example.com
}}}

Finally, the services can be (re)started.

{{{
service syslogd restart
}}}
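
To check that a host's `syslogd_flags` match the client or server role described above, the following added example (not part of the original page or of FreeBSD) reads an rc.conf-style file and classifies the flags. The function names and the sample file are hypothetical; only `-s`, `-ss` and `-a` are interpreted, and bundled short options are not parsed.

```shell
#!/bin/sh
# Added example: audit syslogd_flags against the client/server roles above.
# Flag meanings (-s, -ss, -a) are the ones given on this page.

# Print the value of the last syslogd_flags= assignment in an rc.conf-style file.
get_syslogd_flags() {
  sed -n 's/^[[:space:]]*syslogd_flags=//p' "$1" | tail -n 1 |
    sed 's/^"//; s/"[[:space:]]*$//'
}

# Classify a flags string: no-network | no-remote-input | allow:<peers> | unflagged
classify_flags() {
  secure=0 peers=""
  set -f; set -- $1; set +f          # split on whitespace without globbing
  while [ $# -gt 0 ]; do
    case $1 in
      -ss)  secure=2 ;;
      -s)   secure=$((secure + 1)) ;;
      -a)   if [ $# -gt 1 ]; then shift; peers="${peers:+$peers,}$1"; fi ;;
      -a?*) peers="${peers:+$peers,}${1#-a}" ;;
    esac
    shift
  done
  if [ "$secure" -ge 2 ]; then echo no-network
  elif [ "$secure" -eq 1 ]; then echo no-remote-input
  elif [ -n "$peers" ]; then echo "allow:$peers"
  else echo unflagged                # none of -s, -ss, -a present
  fi
}

# Clients are expected to run with exactly -s, servers with an -a allow-list.
audit_role() {   # usage: audit_role client|server FILE
  state=$(classify_flags "$(get_syslogd_flags "$2")")
  case "$1:$state" in
    client:no-remote-input|server:allow:*) echo "OK $1 $state" ;;
    *) echo "REVIEW $1 $state"; return 1 ;;
  esac
}

# Constructed sample input (not from a real host).
demo=$(mktemp)
printf 'syslogd_enable="YES"\nsyslogd_flags="-a client.example.com"\n' > "$demo"
audit_role server "$demo"
audit_role client "$demo" || true
rm -f "$demo"
```

A client that reports `no-network` is flagged for review because `-ss` also disables remote logging from that host.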

----



== Usage ==



=== FreeBSD Implementation ===

FreeBSD's syslogd(8) has distinct options. See their documentation here.

||'''Option'''||'''Description'''||
||`-C`||Create log files if they don't exist||
||`-s`||Disable logging messages from remote hosts||
||`-ss`||Disable all network sockets, effectively disabling remote logging||


CategoryRicottone

Syslogd (last edited 2023-04-08 13:38:13 by DominicRicottone)