AppSuite:Syslog Configuration: Difference between revisions
Usman.ahmad (talk | contribs) |
No edit summary |
||
(6 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
=Open-Xchange Syslog Configuration= | =Open-Xchange Syslog Configuration= | ||
This article is valid up to version '''7.4.1''' | |||
For current information please check [[AppSuite:OX_Logging]] | |||
==Abstract== | ==Abstract== | ||
Open-Xchange provides OSGi | Open-Xchange provides the OSGi package ''open-xchange-log4j'' to enable remote logging via syslog. This is useful for distributed setups or if a logging strategy is already present at the environments the servers are running. If you choose syslog to be the logging mechanism, the syslog service needs some configuration to accept remote logging, even if the service is running on localhost. | ||
The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the ''/opt/open-xchange | The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the ''/opt/open-xchange/etc/log4j.xml'' file. For more granular log filtering this facility can be changed. Please refer to the rsyslog, syslog and syslog-ng documentation for further information. | ||
{{InstallPlugin|pluginname=open-xchange-log4j|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}} | {{InstallPlugin|pluginname=open-xchange-log4j|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}} | ||
Line 12: | Line 15: | ||
daemon of your choice, you have to enable logging via UDP protocol and listening port 514. Please | daemon of your choice, you have to enable logging via UDP protocol and listening port 514. Please | ||
read for details the documentation of your running syslog service. | read for details the documentation of your running syslog service. | ||
=== | === For RHEL, CentOS and Debian === | ||
The parameter configuration is | The parameter configuration is done in a configuration file at ''/etc/rsyslog.conf'' in case you are running the popular rsyslog daemon. | ||
# provides UDP syslog reception | # provides UDP syslog reception | ||
$ModLoad imudp | $ModLoad imudp | ||
$UDPServerRun 514 | $UDPServerRun 514 | ||
If you like to enable remote logging it is might be needed to enable this by "/etc/default/rsyslog" configuration file. | |||
# Options for rsyslogd | |||
# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3) | |||
# -r enables logging from remote machines (deprecated, only used in compat mode < 3) | |||
# -x disables DNS lookups on messages received with -r | |||
# -c compatibility mode | |||
# See rsyslogd(8) for more details | |||
RSYSLOGD_OPTIONS="-c4 -r" | |||
'''Note:''' On a recent Debian version, you might have to set compat mode to 0-2 in order for -r to work | |||
Then restart the rsyslog service to enable remote logging. | Then restart the rsyslog service to enable remote logging. | ||
Line 25: | Line 40: | ||
By default, all Open-Xchange log messages are put to ''/var/log/syslog''. | By default, all Open-Xchange log messages are put to ''/var/log/syslog''. | ||
===SUSE Linux Enterprise Server 11 === | ===For SUSE Linux Enterprise Server 11 === | ||
SLES11 comes with syslog-ng, modify the configuration at ''/etc/syslog-ng/syslog-ng.conf'': | SLES11 comes up with syslog-ng, modify the configuration at ''/etc/syslog-ng/syslog-ng.conf'': | ||
source src { | source src { |
Latest revision as of 16:35, 22 November 2019
Open-Xchange Syslog Configuration
This article is valid up to version 7.4.1 For current information please check AppSuite:OX_Logging
Abstract
Open-Xchange provides the OSGi package open-xchange-log4j to enable remote logging via syslog. This is useful for distributed setups or if a logging strategy is already present at the environments the servers are running. If you choose syslog to be the logging mechanism, the syslog service needs some configuration to accept remote logging, even if the service is running on localhost.
The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the /opt/open-xchange/etc/log4j.xml file. For more granular log filtering this facility can be changed. Please refer to the rsyslog, syslog and syslog-ng documentation for further information.
Install on OX App Suite
Debian GNU/Linux 11.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /
and run
$ apt-get update $ apt-get install open-xchange-log4j
Debian GNU/Linux 12.0
Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:
deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /
and run
$ apt-get update $ apt-get install open-xchange-log4j
Configuration
Please note, there are numerous syslog daemons available and the configuration may also differ between Linux distributions. To make open-xchange-log4j running in collaboration with the syslog daemon of your choice, you have to enable logging via UDP protocol and listening port 514. Please read for details the documentation of your running syslog service.
For RHEL, CentOS and Debian
The parameter configuration is done in a configuration file at /etc/rsyslog.conf in case you are running the popular rsyslog daemon.
# provides UDP syslog reception $ModLoad imudp $UDPServerRun 514
If you like to enable remote logging it is might be needed to enable this by "/etc/default/rsyslog" configuration file.
# Options for rsyslogd # -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3) # -r enables logging from remote machines (deprecated, only used in compat mode < 3) # -x disables DNS lookups on messages received with -r # -c compatibility mode # See rsyslogd(8) for more details RSYSLOGD_OPTIONS="-c4 -r"
Note: On a recent Debian version, you might have to set compat mode to 0-2 in order for -r to work
Then restart the rsyslog service to enable remote logging.
$ /etc/init.d/rsyslog restart
By default, all Open-Xchange log messages are put to /var/log/syslog.
For SUSE Linux Enterprise Server 11
SLES11 comes up with syslog-ng, modify the configuration at /etc/syslog-ng/syslog-ng.conf:
source src { # # include internal syslog-ng messages # note: the internal() soure is required! # internal(); # # the default log socket for local logging: # unix-dgram("/dev/log"); # # uncomment to process log messages from network: # udp(ip("0.0.0.0") port(514)); };
Uncomment the last statement of the src definition and restart the syslog service to enable logging.
$ /etc/init.d/syslog restart
By default, all Open-Xchange log messages are put to /var/log/messages.