Hi Guys,
We have a Magento application running on Centos and Ubuntu.
Please suggest me which log collector should I use to collect the logs from the client application.
Log file path are:
/var/www/html/magento/var/report
/var/www/html/magento/var/log/*.log
You can use beats or nxlog. I prefer beats, it comes with the sidecar install… but they both work just fine.
Hello,
I agree with @tmacgbay since I’ve been using Beats for a little while I’m starting to prefer it better then NXlog.
I wanted to ask you a question, You have your log files in apache home directory?
Hi @gsmith ,
Not exactly, Actually I want to log Magento application logs: which is situated at:
/var/www/html/magento(Project name)/var/report
/var/www/html/magento/var/log/*.log.
I guess, I can apply beats for nginx and apache log as well. Please correct me If I am wrong.
I was just curious because having all my logs for any service or application in one spot makes it easier/quicker to set up a log shipper configurations.
For example,
I can use these settings below to get all the log files that end in .log in the directory /var/log.
Input message>
Module im_file
FILE "/var/log/*.log"
SavePos TRUE
ReadFromLast TRUE
PollInterval 1
Exec $Message = $raw_event;
</Input>
And another example
# Needed for Graylog
fields_under_root: true
fields.collector_node_id: ${sidecar.nodeName}
fields.gl2_source_collector: ${sidecar.nodeId}
filebeat.inputs:
- input_type: log
paths:
- /var/log/*.log
type: log
Thank you so much, will try with this solution.
Please help me with one more concern:
If I install filebeat on the client end so do I need to configure sidecars in Graylog server or creating inputs is fine for receiving the logs from the client machine.
When you install sidecar (with filebeat) you modify the local sidecar.yml to adjust local settings and point the beats to where your Graylog server is… then it will show up as available in Graylog. Thne in Graylog GUI you can create configurations based on log collector types that can be applied to the client sidecar. The configuration is pushed tot he client sidecar and tells it what to capture and how to capture it… this way you can apply the same configuration to multiple clients.
Does that make sense?
Okay, What I did here: I create an input in Graylog server and install filebeat on the client side and start receiving the logs.
I guess, I need to explore more about sidecar how It works.
Image if the Graylog Sidecar was like your Remote Controller for your TV set.
Your TV ( AKA Collector)has all the channels to watch and your remote ( AKA Sidecar) only tells your TV to turn on or OFF and what channel to use 
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.