Rsyslog input to fluentd
3,031 views
Skip to first unread message
Sebastian Dahlgren
Oct 2, 2012, 7:05:44 AM10/2/12
to flu...@googlegroups.com
Hi!
I want to send data to fluentd from an rsyslog server, but I could not find any plugins or documentation about it. Is it not possible, or should I use the forward input plugin in some way?
Cheers
Sebastian
Eduardo Aceituno
Oct 2, 2012, 9:08:16 AM10/2/12
to flu...@googlegroups.com
My /etc/rsyslog.conf
# ### begin forwarding rule #### The statement between the begin ... end define a SINGLE forwarding# rule. They belong together, do NOT split them. If you create multiple# forwarding rules, duplicate the whole block!# Remote Logging (we use TCP for reliable delivery)## An on-disk queue is created for this action. If the remote host is# down, messages are spooled to disk and sent when it is up again.$WorkDirectory /var/spool/rsyslog # where to place spool files$ActionQueueFileName fwdRule1 # unique name prefix for spool files$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)$ActionQueueSaveOnShutdown on # save messages to disk on shutdown$ActionQueueType LinkedList # run asynchronously$ActionResumeRetryCount -1 # infinite retries if host is down# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional*.* @192.168.20.6:1514# ### end of the forwarding rule ###
You need to change the ip to ip where fluentd is running with this configuration:
<source>
type syslog
port 1514
tag remote_syslog
</source>
to test add
<match remote_syslog.**>
type stdout
</match>
This basic configurations are working for me
2012/10/2 Sebastian Dahlgren <sebastian...@gmail.com>
Sebastian Dahlgren
Oct 2, 2012, 9:18:50 AM10/2/12
to flu...@googlegroups.com
Splendid, thank you very much, Eduardo!
douy...@gmail.com
May 23, 2014, 5:02:22 AM5/23/14
to flu...@googlegroups.com
在 2012年10月2日星期二UTC+8下午9时18分50秒,Sebastian Dahlgren写道:
My /etc/rsyslog.conf
hi Dahlgren,
I have seen your file above, but the data can't been inputted by mongodb. I want to know if rsyslog made the data inputting directly to mongodb and that port 1514 wasn't run. Do you tell me the reason? thanl a lot
myemail: crazy_...@163.com
Sebastian Dahlgren
May 23, 2014, 5:15:17 AM5/23/14
to flu...@googlegroups.com
Sorry, but this wasn't about MongoDB at all, it was regarding forwarding logs from rsyslog to fluentd.
Sebastian Dahlgren
sebastian dahlgren | sebastian...@gmail.com | +46 760 19 42 40 | www.sebastiandahlgren.se | skype: sebastian.dahlgren | gtalk: sebastian...@gmail.com
--
You received this message because you are subscribed to a topic in the Google Groups "Fluentd Google Group" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/fluentd/r8TlUdYwtSE/unsubscribe.
To unsubscribe from this group and all its topics, send an email to fluentd+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
douy...@gmail.com
May 23, 2014, 5:36:40 AM5/23/14
to flu...@googlegroups.com
thanks a lot ~
this is my fluentd configure
<source>
type syslog
port 1514
tag remote_syslog
</source>
<match>
#plugin type
type forward
<server>
host 127.0.0.1
port 24224
</server>
</match>
<source>
type forward
port 24224
</source>
<match remote_syslog.**>
type mongo
database lblog
collection accesslog
host 127.0.0.1
port 27017
capped
capped_size 800m
retry_limit 10
retry_wait 1s
flush_interval 1s
</match
this is my rsyslog configure
--$template nginxlog,"/home/logs/rsyslog/nginx.log.gzif $syslogfacility-text == 'local2' then ?nginxlog$template @127.0.0.1:1514,"127.0.0.1:1514"if $syslogfacility-text == 'local2' th...@192.168.20.124:1514#:rawmsg, contains, "sdns_log" @@192.168.20.124#:rawmsg, contains, "sdns_log" ~$WorkDirectory /usr/local/nginx/logs/ # where to place spool files
$ActionQueueFileName fwdRule1 # unique name prefix for spool files$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)$ActionQueueSaveOnShutdown on # save messages to disk on shutdown$ActionQueueType LinkedList # run asynchronously$ActionResumeRetryCount -1 # infinite retries if host is down# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#*.* @192.168.20.124:1514Is it ok ? thank you very much. andLook forward to hearing from you
douy...@gmail.com
May 23, 2014, 5:36:51 AM5/23/14
to flu...@googlegroups.com
thanks a lot ~
this is my fluentd configure
<source>
type syslog
port 1514
tag remote_syslog
</source>
$WorkDirectory /usr/local/nginx/logs/ # where to place spool files
$ActionQueueFileName fwdRule1 # unique name prefix for spool files$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)$ActionQueueSaveOnShutdown on # save messages to disk on shutdown$ActionQueueType LinkedList # run asynchronously$ActionResumeRetryCount -1 # infinite retries if host is down# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
#
*.* @192.168.20.124:1514Is it ok ? thank you very much. and
Sebastian Dahlgren
May 23, 2014, 6:50:03 AM5/23/14
to flu...@googlegroups.com
I'm sorry, but as said, the original question here did had nothing at all with MongoDB to do. I think you should open a new question an explain you issue there.
Sebastian Dahlgren
sebastian dahlgren | sebastian...@gmail.com | +46 760 19 42 40 | www.sebastiandahlgren.se | skype: sebastian.dahlgren | gtalk: sebastian...@gmail.com
Reply all
Reply to author
Forward
0 new messages