System Log Receiver in Contrail Analytics
Overview
The contrail-collector process on the Contrail Analytics node can act as a system log receiver.
Redirecting System Logs to Contrail Collector
You can enable the contrail-collector to receive system logs
by giving a valid syslog_port
as a command
line option:
--DEFAULT.syslog_port <arg>
or by adding syslog_port
in the DEFAULT
section of the configuration file at /etc/contrail/contrail-collector.conf
.
For nodes to send system logs to the contrail-collector, the system log configuration for the node should be set up to direct the system logs to contrail-collector.
Example
Add the following line in /etc/rsyslog.d/50-default.conf
on an Ubuntu system to redirect the system logs to contrail-collector.
*.* @<collector_ip>:<collector_syslog_port> :: @ for udp, @@ for tcp
The logs can be retrieved by using Contrail tool, either by using the contrail-logs utility on the analytics node or by using the Contrail user interface on the system log query page.
Exporting Logs from Contrail Analytics
You can also export logs stored in Contrail analytics to another
system log receiver by using the contrail-logs
utility.
The contrail-logs utility can take these options: --send-syslog, --syslog-server, --syslog-port,
to query
Contrail analytics, then send the results as system logs to a system
log server. This is an on-demand command, one can write a cron job
or a job that continuously invokes contrail-logs
to achieve continuous sending of logs to another system log server.