View Source:
ArtifactorySystemdLogging
!!! Logging to Systemd with Artifactory By default, [[https://www.jfrog.com/artifactory/|Artifactory]] sends it's log messages to <code>$ARTIFACTORY_HOME/logs/artifactory.log</code>. This is fine, but it's handy to also send the log files to the system log. This is expecially true if you use a modern linux that runs systemd, as systemd provides the journalctl utility to display and filter logs. Jfrog has [[https://www.jfrog.com/confluence/display/RTF/Artifactory+Log+Files|this page]] about logging to syslog, and the information there is generally correct. However, it's not complete. The following is my complete guide to sending artifactory logs to syslog. !! Syslog Listener Artifactory uses the java logging tool [[http://logback.qos.ch/|logback]], which supports sending logs to syslog. That should work fine, but there's one annoying catch: [[https://bz.apache.org/bugzilla/show_bug.cgi?id=44839|logback does not support unix sockets]]. It only supports udp sockets. That means you have to have some sort of network listener set up to receive syslog messages, even when your syslog is on the same server. Fortunately, you can use [[http://www.dest-unreach.org/socat/|socat]] as a minimal listener and forwarder. You actually could use netcat, but socat is better for some reason (I think maybe because it can accept multiple incoming streams?) ! Create Systemd configuration I found some [[https://johnlane.ie/receive-remote-syslog-into-systemd.html|excellent info]] about how to both set up the listener and do some post-processing to clean up the logs. That example covers more ground than I cared about, so I took the basic idea and ran with it. Create the file <code>/etc/systemd/system/syslogRelay.service</code>: <pre> [Unit] Before=artifactory.service Description=localhost syslog relay [Service] ExecStart=/bin/sh -c 'socat -u UDP-RECV:514,range=127.0.0.1/32 STDOUT | /usr/local/bin/syslog-formatter.sh' Restart=on-success User=root </pre> Note that this is sort of secure because of the <code>range</code> restriction to only accept connections from localhost. However, for real security you should also make sure the firewall on your server is blocking UDP port 514 from outside connections too. Note also that the ~ExecStart is wrapped in <code>/bin/sh</code>. That's because although ~ExecStart lines look like they are invoked with the shell, they aren't. They are more like a bare <code>execve</code> call, which just execs the first argument and then feeds the following arguments to the resulting process. That means for example that you can't use shell pipes in ~ExecStart. ! Formatter Script Create <code>/usr/local/bin/syslog-formatter.sh</code> as follows: <pre> #!/usr/bin/env bash # Pretty up the logback output by removing the date, time, etc. and # then send it to systemd. Otherwise a lot of info is duplicated. sed -u -e "s/^ *<.* \[/[/" | systemd-cat -t artifactory </pre> don't forget to chmod that file to 755 and make sure it's owned by root. It's nice to use systemd-cat because you can supply the log name via the <code>-t</code> switch, which makes your logs more readable. Now you can fire up the listener with <code>systemctl start syslogRelay.service</code>. Test the listener by sending some udp data to port 514: <pre> echo "hi there" | nc -u localhost 514 </pre> (you have to hit ctrl-c to exit that command) Run <code>journalctl -u artifactory</code> as root to see if the message made it in to the log. If it didn't work, check journalctl for error messages, and run <code>systemctl status syslogRelay</code> to see why the syslogRelay service isn't running. !! Artifactory Configuration Now we are in the home stretch. We've got a working listener on the box, so all we need to do now is modify the artifactory configuration. Open up the file <code>$ARTIFACTORY_HOME/etc/logback.xml</code> and add an additional appender in the <code>configuration</code> section. It should look like this: <pre> <appender name="SYSLOG" class="ch.qos.logback.classic.net.SyslogAppender"> <syslogHost>localhost</syslogHost> <facility>SYSLOG</facility> <suffixPattern>[%thread] %logger %msg\n</suffixPattern> </appender> </pre> Note the <code>\n</code> at the end of the log line! If you don't add that, some artifactory log messages will spew out in super long lines and be impossible to read. Finally, in the <code>root</code> section, tell logback to actually use your new appender: <pre> <appender-ref ref="SYSLOG"/> </pre> That's it! Logback will automatically re-read it's configuration file and start sending logs to systemd. Don't worry, it will still send the logs to the standard <code>artifactory.log</code> file as well (as long as you don't remove that appender from <code>logback.xml</code>). You can also issue a <code>systemctl restart artifactory</code> if you want to immedieately generate some artifactory log output. !!!Conclusion Well, that's about all there is to putting artifactory logs in to systemd. It's annoying that logback's lack of support for unix sockets forces you to run a mini syslog server, but it does work. I hope some of you find this helpful. ----- CategoryLinuxStuff%%% CategoryGeekStuff
Please enable JavaScript to view the
comments powered by Disqus.
HollenbackDotNet
Home Page
Popular Pages
All Categories
Main Categories
General Interest
Geek Stuff
DevOps
Linux Stuff
Pictures
Search
Toolbox
RecentChanges
RecentNewPages
What links here
Printable version
AllPages
RecentChanges
Recent Changes Cached
No changes found
Favorite Categories
ActionPage
(150)
WikiPlugin
(149)
GeekStuff
(137)
PhpWikiAdministration
(102)
Help/PageList
(75)
Help/MagicPhpWikiURLs
(75)
Blog
(69)
Pictures
(60)
GeneralInterest
(44)
LinuxStuff
(38)
Views
View Page
View Source
History
Diff
Sign In
