View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000697 | Community.cacert.org | public | 2009-03-02 10:10 | 2009-06-15 12:27 | |
Reporter | Daniel Black | Assigned To | Daniel Black | ||
Priority | normal | Severity | feature | Reproducibility | always |
Status | needs work | Resolution | open | ||
Summary | 0000697: centralised logging for the community/lists/email/webmail set of servers | ||||
Description | centralising logging adds some integrity to the logs generated. The following steps allow a log server to capture multiple logs. The second step is to allow the vserver guests read only access. | ||||
Additional Information | install syslog-ng configure as follows: following configuration in /etc/syslog-ng/syslog-ng.conf. source s_all { internal(); unix-stream("/dev/log"); file("/proc/kmsg" log_prefix("kernel: ")); udp(); }; # some standard log files - small variation of default configuration destination df_auth { file("/var/log/$HOST/auth.log"); }; destination df_syslog { file("/var/log/$HOST/syslog"); }; destination df_cron { file("/var/log/$HOST/cron.log"); }; destination df_daemon { file("/var/log/$HOST/daemon.log"); }; destination df_kern { file("/var/log/$HOST/kern.log"); }; destination df_lpr { file("/var/log/$HOST/lpr.log"); }; destination df_mail { file("/var/log/$HOST/mail.log"); }; destination df_user { file("/var/log/$HOST/user.log"); }; destination df_uucp { file("/var/log/$HOST/uucp.log"); }; ... destination df_debug { file("/var/log/$HOST/debug"); }; destination df_messages { file("/var/log/$HOST/messages"); }; destination df_apache_errors { file("/var/log/$HOST/apache_errors"); }; destination df_apache_access { file("/var/log/$HOST/apache_access"); }; destination df_sympa { file("/var/log/$HOST/sympa"); }; ... filter f_apache_errors { facility(local0); }; filter f_apache_access { facility(local1); }; filter f_sympa { facility(local3); }; log { source(s_all); filter(f_apache_errors); destination(df_apache_errors); }; # apache.access /var/log/apache_accesss log { source(s_all); filter(f_apache_access); destination(df_apache_access); }; # sympa /var/log/$HOST/sympa log { source(s_all); filter(f_sympa); destination(df_sympa); }; to ensure rotation /etc/logrotate.d/syslog-ng on the server are like: /var/log/*/auth.log { rotate 65535 dateext missingok notifempty weekly compress } vserver guests only need to be like (replacing HOSTIP with an IP): /etc/syslog.conf # Apache error log local0.* @HOSTIP # Apache access log local1.* @HOSTIP # sympa logs /etc/sympa/facility local3.* @HOSTIP *.* @HOSTIP | ||||
Tags | No tags attached. | ||||
|
and making the logs viewable on the vserver guests again: editing the /etc/vservers/{servername}/fstab with an entry like: /var/log/{IP} /var/log/remote none ro,bind 0 0 will create a readonly view of the syslog in the directory /var/log/remote on the vserver guest. To effect this change: /usr/sbin/vmount {vserver-name} -a |
Date Modified | Username | Field | Change |
---|---|---|---|
2009-03-02 10:10 | Daniel Black | New Issue | |
2009-03-02 10:11 | Daniel Black | Note Added: 0001287 | |
2009-03-09 05:02 | Daniel Black | Status | new => needs work |
2009-03-09 05:02 | Daniel Black | Assigned To | => Sourcerer |
2009-06-15 12:27 | Daniel Black | Assigned To | Sourcerer => Daniel Black |