3
Nginx does not support syslog by default, so you have to patch it with a third party module. This snippet relies on that you have configured xstow. See "this":http://snippets.aktagon.com/snippets/188-Installing-git-without-getting-screwed-over-when-it-s-time-to-uninstall-upgrade-or-install-package-maintainer-s-version snippet for instructions on xstow configuration.
<code>
cd /tmp
wget http://sysoev.ru/nginx/nginx-0.6.32.tar.gz
tar zxvf nginx-0.6.32.tar.gz
mv nginx-0.6.32 src-0.6.32-orig
wget "http://wiki.codemongers.com/NginxModules?action=AttachFile&do=get&target=syslog.patch" -O syslog.patch
patch -p0 < syslog.patch
cd src-0.6.32-orig
./configure --prefix=/usr/local/stow/nginx --with-syslog
make
sudo make install
cd /usr/local/stow
sudo xstow nginx
</code>
I-am-a-noob-at-syslog-disclaimer: This might be a totally wrong way to configure the server and client(s), so it is subject for refinement. In my experience it works though.
Configuring the *client*. Add the following lines to the end of /etc/syslog-ng/syslog-ng.conf and restart syslog-ng with /etc/init.d/syslog-ng restart. Nginx logs in facility local5 and the hostname of the loghost is "loghost". You could just as well use the IP of the loghost.
<code>
filter f_local5 { facility(local5); };
destination d_loghost {tcp("loghost" port(514));};
log { source(s_all); filter(f_local5); destination(d_loghost); };
</code>
Configuring the *server*. Add the following lines to the end of /etc/syslog-ng/syslog-ng.conf and restart syslog-ng with /etc/init.d/syslog-ng restart. Also if you run a cluster of nginx servers it might be wise to put all the output in one file, instead of separate files per host.
<code>
source s_remote { tcp(); };
destination d_clients { file("/var/log/HOSTS/nginx.$HOST"); };
log { source(s_remote); destination(d_clients); };
</code>
Test the logging by running this from the client.
<code>
logger -p local5.info Hubbabubba
</code>
0
2008-09-17T23:38:12+03:00
247
131
<p>Nginx does not support syslog by default, so you have to patch it with a third party module. This snippet relies on that you have configured xstow. See <a href="http://snippets.aktagon.com/snippets/188-Installing-git-without-getting-screwed-over-when-it-s-time-to-uninstall-upgrade-or-install-package-maintainer-s-version">this</a> snippet for instructions on xstow configuration.
<pre class="active4d"><span class="line-numbers"> 1 </span> cd /tmp
<span class="line-numbers"> 2 </span> wget http://sysoev.ru/nginx/nginx-0.6.32.tar.gz
<span class="line-numbers"> 3 </span> tar zxvf nginx-0.6.32.tar.gz
<span class="line-numbers"> 4 </span> mv nginx-0.6.32 src-0.6.32-orig
<span class="line-numbers"> 5 </span> wget <span class="String"><span class="String">"</span>http://wiki.codemongers.com/NginxModules?action=AttachFile&do=get&target=syslog.patch<span class="String">"</span></span> -O syslog.patch
<span class="line-numbers"> 6 </span> patch -p0 <span class="Operator"><</span> syslog.patch
<span class="line-numbers"> 7 </span> cd src-0.6.32-orig
<span class="line-numbers"> 8 </span> ./configure --prefix=/usr/local/stow/nginx --with-syslog
<span class="line-numbers"> 9 </span> make
<span class="line-numbers"> 10 </span> sudo make install
<span class="line-numbers"> 11 </span> cd /usr/local/stow
<span class="line-numbers"> 12 </span> sudo xstow nginx
</pre></p>
<p>I-am-a-noob-at-syslog-disclaimer: This might be a totally wrong way to configure the server and client(s), so it is subject for refinement. In my experience it works though.</p>
<p>Configuring the <strong>client</strong>. Add the following lines to the end of /etc/syslog-ng/syslog-ng.conf and restart syslog-ng with /etc/init.d/syslog-ng restart. Nginx logs in facility local5 and the hostname of the loghost is “loghost”. You could just as well use the IP of the loghost.
<pre class="active4d"><span class="line-numbers"> 1 </span> filter f_local5 { facility(local5)<span class="Operator">;</span> }<span class="Operator">;</span>
<span class="line-numbers"> 2 </span> destination d_loghost {tcp(<span class="String"><span class="String">"</span>loghost<span class="String">"</span></span> port(514))<span class="Operator">;</span>}<span class="Operator">;</span>
<span class="line-numbers"> 3 </span> log { source(s_all)<span class="Operator">;</span> filter(f_local5)<span class="Operator">;</span> destination(d_loghost)<span class="Operator">;</span> }<span class="Operator">;</span>
</pre></p>
<p>Configuring the <strong>server</strong>. Add the following lines to the end of /etc/syslog-ng/syslog-ng.conf and restart syslog-ng with /etc/init.d/syslog-ng restart. Also if you run a cluster of nginx servers it might be wise to put all the output in one file, instead of separate files per host.
<pre class="active4d"><span class="line-numbers"> 1 </span> source s_remote { <span class="FunctionName">tcp</span>()<span class="Operator">;</span> }<span class="Operator">;</span>
<span class="line-numbers"> 2 </span> destination d_clients { file(<span class="String"><span class="String">"</span>/var/log/HOSTS/nginx.<span class="Variable"><span class="Variable">$</span>HOST</span><span class="String">"</span></span>)<span class="Operator">;</span> }<span class="Operator">;</span>
<span class="line-numbers"> 3 </span> log { source(s_remote)<span class="Operator">;</span> destination(d_clients)<span class="Operator">;</span> }<span class="Operator">;</span>
</pre></p>
<p>Test the logging by running this from the client.
<pre class="active4d"><span class="line-numbers"> 1 </span> logger -p local5.info Hubbabubba
</pre></p>
Logging nginx to remote loghost with syslog-ng.
2008-09-17T23:47:52+03:00