Fluentd
Fluent是一套Log處理軟體。
簡介
我是拿來跑server端(接收端)而非client端(發送端)。
安裝
在Ubuntu上安裝:
curl -L https://packages.treasuredata.com/GPG-KEY-td-agent | gpg --dearmor | sudo tee /usr/share/keyrings/fluent-lts-archive-keyring.gpg > /dev/null; echo "Types: deb\nURIs: https://packages.treasuredata.com/lts/5/ubuntu/$(lsb_release -cs)/\nSuites: jammy\nComponents: contrib\nSigned-By: /usr/share/keyrings/fluent-lts-archive-keyring.gpg" | sudo tee /etc/apt/sources.list.d/fluent-lts.sources; sudo apt update; sudo apt install -y td-agent
另外安裝fluent-plugin-slack:
sudo fluent-gem install fluent-plugin-slack
設定
我是透過nginx包裝成HTTPS服務,另外進行帳號密碼的管制(HTTP Authentication),主要的重點是:
location / {
auth_basic "Restricted Content";
auth_basic_user_file /srv/fluent.example.com/.htpasswd;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8888/;
}
接著在/etc/flient/fluent.conf內的設定比較簡單:
#
<source>
@type http
port 9880
bind 127.0.0.1
add_remote_addr true
</source>
<match *>
@type copy
<store>
@type file
path /var/log/fluent/
</store>
<store>
@type slack
channel fluentd
flush_interval 5s
message_keys log
parse none
title_keys REMOTE_ADDR
title %s
webhook_url https://hooks.slack.com/services/...
</store>
</match>
另外建立/var/log/fluent,要設為td-agent這個使用者:
sudo mkdir /var/log/fluent; sudo chown td-agent:td-agent /var/log/fluent
相關連結
外部連結
- 官方网站 (英文)