Collecting Syslog with Retrace Agent
  • 1 Minute to read
  • Dark
  • PDF

Collecting Syslog with Retrace Agent

  • Dark
  • PDF

Article summary

The following section will cover how to enable sending your Linux syslogs to Retrace to be viewed in the Logs Dashboard with an agent running on your server.

Enabling Syslog with Retrace

Go to Servers > Locate your Linux server > Click the 3 dots on the right > Click on 'Server Settings'

To enable syslog on your server, go to the server settings of the server and check the Syslog checkbox.

By enabling this setting, an **rsyslog.conf **file will be created in the /etc/ directory. You can edit this file for some additional configurations around your syslogs.

Additional Configurations

It is possible to forward to a TCP port by modifying the line:

*.* @;RSYSLOG_SyslogProtocol23Format

It is also possible to omit the messages format:

*.* @

Enabling Syslog Manually

You can also edit your rsyslog.conf file manually and the agent will pick up these settings. To enable syslog for Stackify manually, you should take the following steps:

  1. In a text editor, add a single line in the /etc/rsyslog.conf file:
*.* @;RSYSLOG_SyslogProtocol23Format
  1. Restart the rsyslog service:
sudo service rsyslog restart
  1. Restart the stackify-agent service:
sudo service stackify-agent restart

Rsyslog will now forward all the messages to UDP port 10514. The Stackify Agent will create a listener on the specified port and process incoming messages. You can use any port number greater than 1024 to bind to the Stackify agent.

Note: The port cannot not be used by any other application. Stackify Agent does not have established permissions for listening on privileged ports, which is why the port number must be greater than 1024. Use your IP address instead of a hostname in the rsyslog.conf. file.

Setting up Defaults via the Log Collectors

Logs > Log Collectors

You can enable syslogs per server in the server settings as mentioned earlier, or you can enable it globally for all new and existing servers in the Log Collectors page. By turning on the Syslog settings, all new servers that you install will have syslog enabled by default. By clicking on APPLY at the top of the page will enable the setting on all existing servers. See this doc for more information.

Was this article helpful?