Last updated at Fri, 03 Nov 2017 20:52:37 GMT
We have released our logentries_agent cookbook to supermarket.chef.io! You can check out the docs here, or I’ve developed the following brief tutorial to walk you through how to automate your installation of the Logentries Linux Agent in your own infrastructure.
First off, I assume you have a basic understanding of Chef and its technologies; if you’re unfamiliar with Chef I recommend having a look at this overview. (Also, if you dont have a Logentries account, you can get create a free account here in just a couple of minutes.)
To get started, add the following to your Cheffile or Berksfile.
cookbook 'logentries_agent', '~> 0.2.0'
This will add logentries_agent to your cookbooks. By default the cookbook downloads the Logentries Linux Agent and registers the host machine to send its logs to logentries.com.
For this you will need to override 2 attributes, I recommend you override node[‘le’][‘account_key’] at an environment level or wrapper_cookbook level and node[‘le’][‘logs_to_follow’] at a cookbook level:
override['le']['account_key'] = '000000000000-0000-0000-0000-00000000' override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog'},{:name => 'apache2', :log => '/var/log/apache2/*'}]
Once your server is provisioned with the these overrides, you should be able to see something like this on logentries.com
This is a very simple example of how you can automate sending to logentries.com with our Linux agent. However, here are multiple ways in which you can run the Logentries Agent. (I will briefly explain them below but if you would like a blog post outlining these in more detail please feel free to comment and I will provide you with more information!)
Default
no datahub and pull configuration from logentries.com
override['le']['account_key'] = override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog'}]
This is the regular case as explained above where you send the data directly to Logentries and get the configuration for your logs from Logentries as well.
Local configuration only
override['le']['pull-server-side-config'] = false override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog', :token => '00000000-0000-0000-0000-000000000000'}]
To send data to Logentries without specifying an account key, you can set override[‘le’][‘pull-server-side-config’] to false. This will only send the logs specified in the configuration file without contacting Logentries. In this case you have to create the logs in advance and know the tokens as well.
Datahub
override['le']['datahub']['enable'] = true override['le']['pull-server-side-config'] = false override['le']['datahub']['server_ip'] = '1.2.3.4' override['le']['datahub']['port'] = 10000 override['le']['logs_to_follow'] = [{:name => 'syslog', :log => '/var/log/syslog'}]
This scenario is for Datahub users looking to push a config and not need to register to send their logs to their Datahub instance.
Let us know if you have any questions, and we always love you hear your feedback!