Comment on Suggestions for log aggregation for proxmox containers
redlemace@lemmy.world 1 week agoOn every device (but the central syslogserver or you create a loop that fills the drive in mere seconds)
/etc/rsyslog.d/99-centralsyslog.conf
$PreserveFQDN on *.* @192.168.1.66
then on the central syslog server 192.168.1.66
/etc/rsyslog.d/01-syslog_receiver.conf
# provides UDP syslog reception module(load="imudp") input(type="imudp" port="514") # provides TCP syslog reception module(load="imtcp") input(type="imtcp" port="514")
and also
/etc/rsyslog.d/20-save2postgresql.conf
# Load the PostgreSQL output module module(load="ompgsql") # Template for inserting logs template(name="pgsql-template" option.sql="on" type="string" string="INSERT INTO system_events (hostname, facility, priority, tag, message) VALUES ('%HOSTNAME%', %syslogfacility%, %syslogpriority%, '%syslogtag%', '%msg%' )") # Send logs to PostgreSQL *.emerg :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template *.panic :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template *.alert :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template *.crit :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template *.error :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template *.err :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template #*.warning :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template #*.warn :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template #*.notice :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template #*.info :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template #*.debug :ompgsql:127.0.0.1,syslog,syslog_user,WeakPassword;pgsql-template
make sure you install postgres, the rsyslog-psql module and create the databases. Grafana can run on the same or any other server.