Uploaded image for project: 'Observability Documentation'
  1. Observability Documentation
  2. OBSDOCS-890

syslog input documentation

XMLWordPrintable

    • 13
    • False
    • Hide

      None

      Show
      None
    • True
    • OBSDOCS (Mar 4 - Mar 25) #250, OBSDOCS (Mar 25 - Apr 15) #251
    • Critical

      In OBSDOCS-768 is documented how to configure a syslog input for being released with Red Hat OpenShift Logging 5.9.

      Some errors are present leading to don't work the example or making it prone to errors

      1.Documented only for Multi Log Forwarder

      The example given as it's is for when enabled "multi log forwarder", but:

        - it's requirement is not listed in the Prerequisites of the pull-request
        - it's not indicated that valid for being used in the `clusterLogForwarder instance` (Legacy implementation) and this is important as it will be observed later. An example when using `clusterlogForwarder instance` is:

      $ cat clf.yaml 
apiVersion: logging.openshift.io/v1
kind: ClusterLogForwarder
metadata:
  name: instance
  namespace: openshift-logging
spec:
  inputs:
    - name: syslog-receiver
      receiver:
        type: syslog
        syslog:
          port: 10514
  pipelines:
  - inputRefs:
    - syslog-receiver
    name: enable-default-log-store
    outputRefs:
    - default

      2. Not indicated the service/IP Address where the syslog service will be listening to be able to send the logs

      Without explaining how the service will be called and how to check it for being able to send the logs to the syslog input, all the section doesn't make sense. It should be indicated how to get the service/IP address/Port and how it's named for being able to send the logs to it

      3. The inputRefs in the example is incorrect

      The example is:

      spec:
  serviceAccountName: <service_account_name>
  inputs:
    - name: syslog-receiver # (1)
      receiver:
        type: syslog # (2)
        syslog:
          port: 10514 # (3)
  pipelines: # (4)
    - name: syslog-pipeline
      inputRefs:
        - syslog-receiver  <------
# ...

      This doesn't work. All the logs received by syslog are labelled as infrastructure, then, the example should be:

      spec:
  serviceAccountName: <service_account_name>
  inputs:
    - name: syslog-receiver # (1)
      receiver:
        type: syslog # (2)
        syslog:
          port: 10514 # (3)
  pipelines: # (4)
    - name: syslog-pipeline
      inputRefs:
        - infrastructure <--------- this
# ...

       

      4. When used multi log forwarder not allowed to use `default` as output

      When it's used multi log forwarder as the example from the pull request, it is not allowed to use `default` as output. This should be indicated and also the same listed as a restriction in Enabling the multi log forwarder feature for a cluster

              abrennan@redhat.com Ashleigh Brennan
              rhn-support-ocasalsa Oscar Casal Sanchez
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: