AppSuite:Syslog Configuration: Difference between revisions

From Open-Xchange
No edit summary
 
Line 1: Line 1:
=Open-Xchange Syslog Configuration=
=Open-Xchange Syslog Configuration=
This article is valid up to version '''7.4.1'''
For current information please check [[AppSuite:OX_Logging]]


==Abstract==
==Abstract==

Latest revision as of 16:35, 22 November 2019

Open-Xchange Syslog Configuration

This article is valid up to version 7.4.1 For current information please check AppSuite:OX_Logging

Abstract

Open-Xchange provides the OSGi package open-xchange-log4j to enable remote logging via syslog. This is useful for distributed setups or if a logging strategy is already present at the environments the servers are running. If you choose syslog to be the logging mechanism, the syslog service needs some configuration to accept remote logging, even if the service is running on localhost.

The syslog remote logging will open port 514/udp, so don't forget to firewall it properly if it's a security risk for you. The default logging facility of Open-Xchange is defined at the /opt/open-xchange/etc/log4j.xml file. For more granular log filtering this facility can be changed. Please refer to the rsyslog, syslog and syslog-ng documentation for further information.

Install on OX App Suite

Debian GNU/Linux 11.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBullseye/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBullseye/ /

and run

$ apt-get update
$ apt-get install open-xchange-log4j

Debian GNU/Linux 12.0

Add the following entry to /etc/apt/sources.list.d/open-xchange.list if not already present:

deb https://software.open-xchange.com/products/appsuite/stable/backend/DebianBookworm/ /
# if you have a valid maintenance subscription, please uncomment the 
# following and add the ldb account data to the url so that the most recent
# packages get installed
# deb https://[CUSTOMERID:PASSWORD]@software.open-xchange.com/products/appsuite/stable/backend/updates/DebianBookworm/ /

and run

$ apt-get update
$ apt-get install open-xchange-log4j


Configuration

Please note, there are numerous syslog daemons available and the configuration may also differ between Linux distributions. To make open-xchange-log4j running in collaboration with the syslog daemon of your choice, you have to enable logging via UDP protocol and listening port 514. Please read for details the documentation of your running syslog service.

For RHEL, CentOS and Debian

The parameter configuration is done in a configuration file at /etc/rsyslog.conf in case you are running the popular rsyslog daemon.

# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

If you like to enable remote logging it is might be needed to enable this by "/etc/default/rsyslog" configuration file.

# Options for rsyslogd
# -m 0 disables 'MARK' messages (deprecated, only used in compat mode < 3)
# -r enables logging from remote machines (deprecated, only used in compat mode < 3)
# -x disables DNS lookups on messages received with -r
# -c compatibility mode
# See rsyslogd(8) for more details
RSYSLOGD_OPTIONS="-c4 -r"

Note: On a recent Debian version, you might have to set compat mode to 0-2 in order for -r to work

Then restart the rsyslog service to enable remote logging.

$ /etc/init.d/rsyslog restart

By default, all Open-Xchange log messages are put to /var/log/syslog.

For SUSE Linux Enterprise Server 11

SLES11 comes up with syslog-ng, modify the configuration at /etc/syslog-ng/syslog-ng.conf:

source src {
       #
       # include internal syslog-ng messages
       # note: the internal() soure is required!
       #
       internal();

       #
       # the default log socket for local logging:
       #
       unix-dgram("/dev/log");

       #
       # uncomment to process log messages from network:
       #
       udp(ip("0.0.0.0") port(514));
};

Uncomment the last statement of the src definition and restart the syslog service to enable logging.

$ /etc/init.d/syslog restart

By default, all Open-Xchange log messages are put to /var/log/messages.