Fluentd
Fluent是一套Log处理软件。
简介
我是拿来跑server端(接收端)而非client端(发送端)。
安装
在Ubuntu上安装:
curl -L https://packages.treasuredata.com/GPG-KEY-fluent-package | gpg --dearmor | sudo tee /usr/share/keyrings/fluent-lts-archive-keyring.gpg > /dev/null; echo "Types: deb\nURIs: https://packages.treasuredata.com/lts/5/ubuntu/$(lsb_release -cs)/\nSuites: jammy\nComponents: contrib\nSigned-By: /usr/share/keyrings/fluent-lts-archive-keyring.gpg" | sudo tee /etc/apt/sources.list.d/fluent-lts.sources; sudo apt update; sudo apt install -y td-agent
另外安装fluent-plugin-slack:
sudo fluent-gem install fluent-plugin-slack
设定
我是透过nginx包装成HTTPS服务,另外进行账号密码的管制(HTTP Authentication),主要的重点是:
location / {
auth_basic "Restricted Content";
auth_basic_user_file /srv/fluent.example.com/.htpasswd;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:9880/;
}
接着在/etc/td-agent/td-agent.conf内的设定比较简单:
#
<source>
@type http
port 9880
bind 127.0.0.1
add_remote_addr true
</source>
<match colo>
@type copy
<store>
@type file
path /var/log/fluent/
</store>
<store>
@type slack
channel fluentd
flush_interval 5s
message_keys log
parse none
title_keys REMOTE_ADDR
title %s
webhook_url https://hooks.slack.com/services/...
</store>
</match>
另外建立/var/log/fluent,要设为td-agent这个使用者:
sudo mkdir /var/log/fluent; sudo chown td-agent:td-agent /var/log/fluent
相关连结
外部链接
- 官方网站 (英文)