Difference between revisions of "AppSuite:Syslog Configuration"

(Debian GNU/Linux 5.0: delete)
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
=Open-Xchange Syslog Configuration=
 
=Open-Xchange Syslog Configuration=
 +
 +
This article is valid up to version '''7.4.1'''
 +
For current information please check [[AppSuite:OX_Logging]]
  
 
==Abstract==
 
==Abstract==
Open-Xchange provides OSGi packages (''open-xchange-log4j'' and ''open-xchange-commons-logging-log4j'') to enable remote logging via syslog. This is useful for distributed setups or if a logging strategy is already present at the environments the servers are running. If you choose syslog to be the logging mechanism, the syslog service needs some configuration to accept remote logging, even if the service is running on localhost.
+
Open-Xchange provides the OSGi package ''open-xchange-log4j'' to enable remote logging via syslog. This is useful for distributed setups or if a logging strategy is already present at the environments the servers are running. If you choose syslog to be the logging mechanism, the syslog service needs some configuration to accept remote logging, even if the service is running on localhost.
  
The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the ''/opt/open-xchange/{groupware,admindaemon}/etc/log4j.xml'' file. For more granular log filtering this facility can be changed. Please refer to the syslog and syslog-ng documentation for further information.
+
The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the ''/opt/open-xchange/etc/log4j.xml'' file. For more granular log filtering this facility can be changed. Please refer to the rsyslog, syslog and syslog-ng documentation for further information.
  
 
{{InstallPlugin|pluginname=open-xchange-log4j|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}}
 
{{InstallPlugin|pluginname=open-xchange-log4j|toplevel=products|sopath=appsuite/stable/backend|version=App Suite}}
  
 
== Configuration ==
 
== Configuration ==
 +
Please note, there are numerous syslog daemons available and the configuration may also differ between Linux distributions. To make open-xchange-log4j running in collaboration with the syslog
 +
daemon of your choice, you have to enable logging via UDP protocol and listening port 514. Please
 +
read for details the documentation of your running syslog service.
 +
=== For RHEL, CentOS and Debian ===
  
===Debian GNU/Linux 6.0===
+
The parameter configuration is done in a configuration file at ''/etc/rsyslog.conf'' in case you are running the popular rsyslog daemon.
Debian squeeze comes with the rsyslog service. In contrast to the old syslogd service, the parameter configuration is now completely done at a configuration file at ''/etc/rsyslogd.conf''.  
 
  
 
  # provides UDP syslog reception
 
  # provides UDP syslog reception
 
  $ModLoad imudp
 
  $ModLoad imudp
 
  $UDPServerRun 514
 
  $UDPServerRun 514
 +
 +
If you like to enable remote logging it is might be needed to enable this by "/etc/default/rsyslog" configuration file.
 +
 +
# Options for rsyslogd
 +
# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3)
 +
# -r enables logging from remote machines (deprecated, only used in compat mode < 3)
 +
# -x disables DNS lookups on messages received with -r
 +
# -c compatibility mode
 +
# See rsyslogd(8) for more details
 +
RSYSLOGD_OPTIONS="-c4 -r"
 +
 +
'''Note:''' On a recent Debian version, you might have to set compat mode to 0-2 in order for -r to work
  
 
Then restart the rsyslog service to enable remote logging.
 
Then restart the rsyslog service to enable remote logging.
Line 22: Line 40:
 
By default, all Open-Xchange log messages are put to ''/var/log/syslog''.
 
By default, all Open-Xchange log messages are put to ''/var/log/syslog''.
  
===RedHat Enterprise Linux 5===
+
===For SUSE Linux Enterprise Server 11 ===
RHEL5 comes with the traditional syslog service. Find the configuration parameter ''SYSLOGD_OPTIONS'' at ''/etc/sysconfig/syslog'' and add the ''-r'' option.
+
SLES11 comes up with syslog-ng, modify the configuration at ''/etc/syslog-ng/syslog-ng.conf'':
 
 
# Options to syslogd
 
# -m 0 disables 'MARK' messages.
 
# -r enables logging from remote machines
 
# -x disables DNS lookups on messages recieved with -r
 
# See syslogd(8) for more details
 
SYSLOGD_OPTIONS="-r -m 0"
 
 
 
Then restart the syslog service to enable logging.
 
$ /etc/init.d/syslog restart
 
 
 
By default, all Open-Xchange log messages are put to ''/var/log/messages''.
 
 
 
===SUSE Linux Enterprise Server 10 ===
 
SLES10 comes with syslog-ng, modify the configuration at ''/etc/syslog-ng/syslog-ng.conf'':
 
 
 
source src {
 
        #
 
        # include internal syslog-ng messages
 
        # note: the internal() soure is required!
 
        #
 
        internal();
 
 
        #
 
        # the following line will be replaced by the
 
        # socket list generated by SuSEconfig using
 
        # variables from /etc/sysconfig/syslog:
 
        #
 
        unix-dgram("/dev/log");
 
 
        #
 
        # uncomment to process log messages from network:
 
        #
 
        udp(ip("0.0.0.0") port(514));
 
};
 
 
 
Uncomment the last statement of the src definition and restart the syslog service to enable logging.
 
$ /etc/init.d/syslog restart
 
 
 
By default, all Open-Xchange log messages are put to ''/var/log/messages''.
 
 
 
===SUSE Linux Enterprise Server 11 ===
 
SLES11 comes with syslog-ng, modify the configuration at ''/etc/syslog-ng/syslog-ng.conf'':
 
  
 
  source src {
 
  source src {

Latest revision as of 16:35, 22 November 2019

Open-Xchange Syslog Configuration

This article is valid up to version 7.4.1 For current information please check AppSuite:OX_Logging

Abstract

Open-Xchange provides the OSGi package open-xchange-log4j to enable remote logging via syslog. This is useful for distributed setups or if a logging strategy is already present at the environments the servers are running. If you choose syslog to be the logging mechanism, the syslog service needs some configuration to accept remote logging, even if the service is running on localhost.

The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the /opt/open-xchange/etc/log4j.xml file. For more granular log filtering this facility can be changed. Please refer to the rsyslog, syslog and syslog-ng documentation for further information.

Install on OX App Suite

Debian GNU/Linux 10.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBuster/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBuster/ /

and run

$ apt-get update
$ apt-get install open-xchange-log4j

Debian GNU/Linux 11.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /

and run

$ apt-get update
$ apt-get install open-xchange-log4j


Configuration

Please note, there are numerous syslog daemons available and the configuration may also differ between Linux distributions. To make open-xchange-log4j running in collaboration with the syslog daemon of your choice, you have to enable logging via UDP protocol and listening port 514. Please read for details the documentation of your running syslog service.

For RHEL, CentOS and Debian

The parameter configuration is done in a configuration file at /etc/rsyslog.conf in case you are running the popular rsyslog daemon.

# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

If you like to enable remote logging it is might be needed to enable this by "/etc/default/rsyslog" configuration file.

# Options for rsyslogd
# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3)
# -r enables logging from remote machines (deprecated, only used in compat mode < 3)
# -x disables DNS lookups on messages received with -r
# -c compatibility mode
# See rsyslogd(8) for more details
RSYSLOGD_OPTIONS="-c4 -r"

Note: On a recent Debian version, you might have to set compat mode to 0-2 in order for -r to work

Then restart the rsyslog service to enable remote logging.

$ /etc/init.d/rsyslog restart

By default, all Open-Xchange log messages are put to /var/log/syslog.

For SUSE Linux Enterprise Server 11

SLES11 comes up with syslog-ng, modify the configuration at /etc/syslog-ng/syslog-ng.conf:

source src {
       #
       # include internal syslog-ng messages
       # note: the internal() soure is required!
       #
       internal();

       #
       # the default log socket for local logging:
       #
       unix-dgram("/dev/log");

       #
       # uncomment to process log messages from network:
       #
       udp(ip("0.0.0.0") port(514));
};

Uncomment the last statement of the src definition and restart the syslog service to enable logging.

$ /etc/init.d/syslog restart

By default, all Open-Xchange log messages are put to /var/log/messages.