Menu
I'm using Graylog2 server as my application log server. But couldn't connect apache log to graylog2. Is there any guide to send apache log to graylog2 server or can someone help me to solve this ?
392
You can access Apache logs from var/log/log_type. For example, you can access Apache logs from the Apache Unix/Linux server by looking in the following directories: /var/log/apache/access. log.
Apache doesn't only support logging to files. For example, you can also send logs directly to a syslog service using a custom logging pipeline. The most common method is to use the /usr/bin/logger command, which forwards logs over a syslog socket to the syslog service.
I put this at the bottom of my /etc/rsyslog.conf on Ubuntu 14.04
# Apache access file:
$ModLoad imfile
$InputFileName /var/log/apache2/access.log
$InputFileTag apache-access:
$InputFileStateFile stat-apache-access
$InputFileSeverity info
$InputRunFileMonitor
#Apache Error file:
$InputFileName /var/log/apache2/error.log
$InputFileTag apache-errors:
$InputFileStateFile stat-apache-error
$InputFileSeverity error
$InputRunFileMonitor
$InputFilePollInterval 10
if $programname == 'apache-access' then @10.11.11.33:514
if $programname == 'apache-errors' then @10.11.11.33:514
where 10.x.x.x is my Graylog2 server.
187
There will be a GELF module for Apache soon. Until that is released I can recommend using Logstash to parse and forward the Apache log files. You could even send in the log lines to "Raw/Plaintext" inputs in Graylog2 using tail and netcat.
38
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
