Managing the Logging agent for Linux
You can deploy the Logging agent to collect and route infrastructure and application logs from RHEL8, RHEL9, Debian, and Ubuntu environments to an IBM Cloud Logs instance.
Deploying the agent
Complete the following steps to deploy an agent to a supported Linux environment.
Step 1. Define the authentication method for the agent
Choose the type of identity and the authentication method for the agent. Then, create an API key if needed.
Complete the following steps:
-
Choose the type of identity: user, or service ID.
You can use a user, or a service ID as the identity that is used by the agent to authenticate with the IBM Cloud Logs service.
-
Grant permissions for ingestion to the identity that you have chosen.
The role that is required for sending logs to IBM Cloud Logs is
Sender
.For more information, see Setting up IAM permissions for ingestion.
-
Generate an API Key for user authentication or for service ID authentication.
For more information, see Generating an API Key for ingestion.
Step 2. Setting up and deploying the Logging agent configuration
Complete the following steps:
-
Log in to your Linux environment.
-
Download the required RPM or DEB packages. For information about the current Logging agent version, see the agent release notes.
-
Validate the checksum by running the following command:
sha256sum -c <sha256_filename>
Where
<sha256_filename>
is the filename of the download*.sha256
file. -
Install the agent.
-
For RHEL run:
rpm -ivh <rpm_filename>
-
For Debian and Ubuntu run:
dpkg -i <deb_filename>
Where
<rpm_filename>
or<deb_filename>
is the name of the downloaded*.rpm
or*.deb
file. -
-
Download the configuration file.
https://logs-router-agent-config.s3.us.cloud-object-storage.appdomain.cloud/post-config.sh
-
Run the configuration script.
./post-config.sh -h <target_host> -p <target_port> -t <target_path> -a <auth_mode> -k <iam_api_key> [--send-directly-to-icl] [-s <vsi_secure_access_enabled>]
Where
-t <target_path>
-
Specify
/logs/v1/singles
to send data to an IBM Cloud Logs Routing instance. -a <auth_mode>
-
Specify
IAMAPIKey
orVSITrustedProfile
. -k <iam_api_key>
-
Specify the Cloud Identity and Access Management API key (required for
IAMAPIKey
mode). Make sure you follow the instructions in Generating an API Key.For more information about Cloud Identity and Access Management API Keys, see Managing API Keys.
--send-directly-to-icl
-
Set this parameter to send logs directly to IBM Cloud Logs.
-h <target_host>
-
The host for IBM Cloud Logs ingestion, found in the
Endpoints
section of your IBM Cloud Logs instanceOverview
. Use the ingress endpoint. For more information, see Ingress endpoints -p <target_port>
-
Use
443
to send logs directly to IBM Cloud Logs. -s <vsi_secure_access_enabled>
-
(Optional) Set this to
true
if you have secure access enabled in your VSI. It will be set tofalse
by default. For example,-s true
.
Step 3. Verify logs are being delivered to your target destination
Complete the following steps:
-
When your agent is correctly configured, you can see logs through the default dashboard view.
Step 4. (Optional) Add additional metadata fields
You can add additional metadata fields to the routed logs.
-
Edit the
fluent-bit.conf
file in the/etc/fluent-bit/
folder. -
Add your custom metadata using this structure:
[FILTER] Name record_modifier Match * Record <meta.key_name> <your_custom_value>
Where
<meta.key_name>
is the name of the metadata field to be added (for example,meta.env
) and<your_custom_value>
is the value to be assigned to the field (for example, the name of your environment).For example, if you want to add an environment and region name as metadata, the configuration would be similar to this:
[FILTER] Name record_modifier Match * Record meta.cluster_name my-cluster Record meta.env production Record meta.region us-east
-
Save the configuration file.
-
Restart the agent to apply the changes.