Fluentd

来自Gea-Suan Lin's Wiki
跳到导航 跳到搜索

Fluent是一套Log處理軟體。

簡介

我是拿來跑server端(接收端)而非client端(發送端)。

安裝

Ubuntu上安裝:

curl https://packages.treasuredata.com/GPG-KEY-td-agent | sudo apt-key add -; echo "deb http://packages.treasuredata.com/4/ubuntu/$(lsb_release -cs)/ $(lsb_release -cs) contrib" | sudo tee /etc/apt/sources.list.d/treasure-data.list; sudo apt update; sudo apt install -y td-agent

另外安裝fluent-plugin-slack:

sudo fluent-gem install fluent-plugin-slack

設定

我是透過nginx包裝成HTTPS服務,另外進行帳號密碼的管制(HTTP Authentication),主要的重點是:

    location / {
        auth_basic "Restricted Content";
        auth_basic_user_file /srv/fluent.example.com/.htpasswd;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://127.0.0.1:9880/;
    }

接著在/etc/td-agent/td-agent.conf內的設定比較簡單:

#
<source>
  @type http
  port 9880
  bind 127.0.0.1
  add_remote_addr true
</source>

<match colo>
  @type copy
  <store>
    @type file
    path /var/log/fluent/
  </store>
  <store>
    @type slack
    channel fluentd
    flush_interval 5s
    message_keys log
    parse none
    title_keys REMOTE_ADDR
    title %s
    webhook_url https://hooks.slack.com/services/...
  </store>
</match>

另外建立/var/log/fluent,要設為td-agent這個使用者:

sudo mkdir /var/log/fluent; sudo chown td-agent:td-agent /var/log/fluent

相關連結

外部連結