nginx send log to remote syslog server
That functionality was once reserved to the commercial variant of nginx, but has since been included in the OS version. You can use the nginx module ngx_http_log_module
for that.
Here's a link to the module documentation, explaining the setup and configuration:
http://nginx.org/en/docs/http/ngx_http_log_module.html
Usage
Syntax:
access_log path [format [buffer=size [flush=time]] [if=condition]];
access_log path format gzip[=level] [buffer=size] [flush=time] [if=condition];
access_log syslog:server=address[,parameter=value] [format [if=condition]];
access_log off;
Default:
access_log logs/access.log combined;
Context: http, server, location, if in location, limit_except
The 3rd form is the one you want to use:
access_log syslog:server=address[,parameter=value] [format [if=condition]];
Include the IP address of the remote server where Syslog is running.
Related videos on Youtube
![slm](https://i.stack.imgur.com/6fMZI.png?s=256&g=1)
slm
Worked in the tech field for over 20+ years. Started out learning basic on an Apple IIe then on a TRS-80. Been interested in computer hardware and software my entire life. Consider myself lucky that my hobby as a kid/adult is what I get to do everyday earning a living. You can learn more about me here. ============================================================ Stolen from @Mokubai: First, please put down the chocolate-covered banana and step away from the European currency systems. You may consider how to ask a question.
Updated on September 18, 2022Comments
-
slm almost 2 years
I wnat to send
nginx
access log to a remotesyslog-ng
server. I installedsyslog-ng
on each side (server-client).Client: 10.10.10.2 Server: 10.10.10.1
Some log files (messages,syslog,mail.log) are successfully sent to the server from the client, but not the
nginx
log. Server config:source s_net { tcp(ip(0.0.0.0) port(1999) tls( key_file("/etc/syslog-ng/key.d/privkey.pem") cert_file("/etc/syslog-ng/cert.d/cacert.pem") peer_verify(optional-untrusted)) ); }; destination d_net_nginx_access { file("/mnt/syslog_storage/HOSTS/$HOST /nginx.access.log"); }; filter f_nginx_access { program("nginx") }; log { source(s_net); filter(f_nginx_access); destination(d_net_nginx_access); };
Client config:
source s_src { system(); internal(); }; destination tls_log { tcp("10.10.10.1" port(1999) tls( ca_dir("/etc/syslog-ng/ca.d")) );}; destination d_nginx_access { file("/var/log/nginx/nginx.access.log"); }; filter f_nginx { program("nginx"); }; log { source(s_src); filter(f_nginx); destination(d_nginx_access); }; # All messages send to a remote site # log { source(s_src); destination(tls_log); };
What am I missing here?
-
Jens Bornschein almost 10 yearsThere is a nice reply on the same issue here that should help you out.
-