Mundetaka JupyterHub
  • 週刊文春
  • 北海道・函館
  • 天声人語・令和五年
    • ©2023 yushei.net

    §2024-05-29

    1. I have a mongoDB replcation Server replSetName: "odroid01" as follow:
    • hc4Jammy.yushei.com.tw:27017 192.168.2.195
    • N2Jammy.yushei.com.tw:27017 192.168.2.177
    • x8664Arch.yushei.com.tw:27017 192.168.2.132
    • n2Bookworm.yushei.com.tw:27017 192.168.2.239
    $ dig +short SRV _mongodb._tcp.inLaneCatch.yushei.com.tw
0 0 27017 hc4Jammy.yushei.com.tw.
0 0 27017 x8664Arch.yushei.com.tw.
0 0 27017 n2Boookworm.yushei.com.tw.
0 0 27017 n2Jammy.yushei.com.tw.
    1. install syslog-ng on each replicationSet members
    $ sudo apt install syslog-ng
    1. We will send all log files to hc4Jammy.yushei.com.tw
    • /var/log/mongoDB-odroid01.log using syslog-ng program.
    $ sudo apt install syslog-ng
    • @hc4Jammy.yushei.com.tw, /etc/syslog-ng/syslog-ng.conf is as,
    $ sudo cp -v /etc/syslog-ng/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf.backup
'/etc/syslog-ng/syslog-ng.conf' -> '/etc/syslog-ng/syslog-ng.conf.backup'

    @version: 3.27
@include "scl.conf"

# Sources
source s_net {
    network(ip(0.0.0.0) port(514) transport("udp"));
};

# Destinations
destination d_mongoDB {
    file("/var/log/mongoDB-odroid-01.log");
};

# Filters
filter f_Mongo01 {
    host("hc4Jammy.yushei.com.tw");
};

filter f_Mongo02 {
    host("n2Jammy.yushei.com.tw");
};

filter f_Mongo03 {
    host("x8664Arch3.yushei.com.tw");
};

filter f_Mongo04 {
    host("n2Bookworm.yushei.com.tw");
};

# Bind Sources, Destinations, and Filters
log {
    source(s_net);
    # filter(f_Mongo01);
    destination(d_mongoDB);
};

# log {
#     source(s_net);
#     filter(f_Mongo02);
#     destination(d_mongoDB);
# };

# log {
#     source(s_net);
#     filter(f_Mongo03);
#     destination(d_mongoDB);
# };

# log {
#     source(s_net);
#     filter(f_Mongo04);
#     destination(d_mongoDB);
# };
    1. @hc4Jammy.yushei.com.tw
    $ sudo systemctl restart syslog-ng
root@hc4Jammy:/home/alexlai# nano /etc/syslog-ng/syslog-ng.conf
root@hc4Jammy:/home/alexlai# systemctl restart syslog-ng
root@hc4Jammy:/home/alexlai# systemctl status  syslog-ng
● syslog-ng.service - System Logger Daemon
     Loaded: loaded (/lib/systemd/system/syslog-ng.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-05-29 12:51:54 CST; 10s ago
       Docs: man:syslog-ng(8)
   Main PID: 5598 (syslog-ng)
      Tasks: 1 (limit: 3413)
     Memory: 2.8M
        CPU: 109ms
     CGroup: /system.slice/syslog-ng.service
             └─5598 /usr/sbin/syslog-ng -F

May 29 12:51:54 hc4Jammy systemd[1]: Starting System Logger Daemon...
May 29 12:51:54 hc4Jammy syslog-ng[5598]: [2024-05-29T12:51:54.349728] WARNING: Configuration file format is too old, syslog-ng is running in compatibil>
May 29 12:51:54 hc4Jammy syslog-ng[5598]: DIGEST-MD5 common mech free
May 29 12:51:54 hc4Jammy systemd[1]: Started System Logger Daemon.
    1. n2Jammy.yushei.com.tw it had a /var/log/mongodb/mongod.log file that is mongoDB log file. We would like to send it to hc4Jammy.yushei.com.tw syslog-ng, what will be the configuration file /etc/syslog-ng/syslog-ng.conf?
    $ sudo apt install syslog-ng

    alexlai@n2Jammy:~$ sudo cp -v /etc/syslog-ng/syslog-ng.conf /etc/syslog-ng/syslog-ng.conf.backup
'/etc/syslog-ng/syslog-ng.conf' -> '/etc/syslog-ng/syslog-ng.conf.backup'
    • /etc//syslog-ng/syslog-ng.conf as,
    @version: 3.27
@include "scl.conf"

# Sources
source s_net {
    network(ip(0.0.0.0) port(514) transport("udp"));
};

source s_mongo_log {
    file("/var/log/mongodb/mongod.log" flags(no-parse));
};

# Destinations
destination d_hc4Jammy {
    syslog("hc4Jammy.yushei.com.tw" transport("udp") port(514));
};

# Filters
filter f_hc4Jammy {
    host("hc4Jammyyushei.com.tw");
};

# Bind Sources, Destinations, and Filters

# Send mongod.log from redismongo03.yushei.com.tw to hc4nas02.yushei.net
log {
    source(s_net);
    source(s_mongo_log);
    filter(f_hc4Jammy);
    destination(d_hc4Jammy);
};

    sudo tcpdump -i any port 514

    @version: 3.25
@include "scl.conf"

# Sources
source s_local {
    system();
    internal();
};

# Destinations
destination d_hc4nas02 {
    syslog("hc4nas02.yushei.net" transport("udp") port(514));
};

# Bind the source and destination together
log {
    source(s_local);
    destination(d_hc4nas02);
};
    Return to Top