IBM Cloud Docs
Configuring a Logging agent V2 for a Linux RPM-based

Configuring a Logging agent V2 for a Linux RPM-based

The logging agent is responsible for collecting and forwarding logs to your IBM® Log Analysis instance. After you provision an instance of IBM Log Analysis, you must configure a logging agent for each log source that you want to monitor.

As of 28 March 2024 the IBM Log Analysis and IBM Cloud Activity Tracker services are deprecated and will no longer be supported as of 30 March 2025. Customers will need to migrate to IBM Cloud Logs, which replaces these two services, prior to 30 March 2025. For information about IBM Cloud Logs, see the IBM Cloud Logs documentation.

The logging agent reads log files from /var/log, and forwards the log data to your logging instance.

The agent runs as a Linux daemon by using systemd. You can manage the agent by using systemctl.

To configure your Linux RPM-based server to forward logs to your logging instance, complete the following steps from a terminal:

Step 1. Add the logdna repository to your package manager

Add the logdna repository to your package manager, open a host terminal and run the following commands:

  1. List the versions of the agent that are available in the repo.

    yum --showduplicates list logdna-agent | expand

  2. Add the logdna repository to your package manager.

    sudo rpm --import https://assets.logdna.com/logdna.gpg
echo "[logdna]
name=LogDNA packages
baseurl=https://assets.logdna.com/el6/
enabled=1
gpgcheck=1
gpgkey=https://assets.logdna.com/logdna.gpg" | sudo tee /etc/yum.repos.d/logdna.repo

  3. Install the agent.

    sudo yum -y install logdna-agent-VERSION.x86_64

    Where VERSION is set to the agent version that you want to configure.

    For example, to install the logging agent version 2.1.2-1, you can use the following command:

    sudo yum -y install logdna-agent-2.1.2-1.x86_64

If you get the error failed loading '/etc/yum.repos.d/logdna.repo', check that the /etc/yum.repos.d/logdna.repo file is set as follows:

[logdna]
name=LogDNA packages
baseurl=https://assets.logdna.com/el6/
enabled=1
gpgcheck=1
gpgkey=https://assets.logdna.com/logdna.gpg

Step 2. Create the configuration file

Create the configuration file that includes information about the IBM Log Analysis instance where you are configuring your system to forward logs.

Complete the following steps:

  1. Create the configuration file logdna.env in the /etc directory, by using the following command:

    sudo touch /etc/logdna.env

    The logdna.env file is initialized as an empty file and stores environment variables as key-value pairs.

  2. Edit the /etc/logdna.env file and set the following information:

    LOGDNA_HOST=ENDPOINT
LOGDNA_ENDPOINT=/logs/agent
LOGDNA_INGESTION_KEY=INGESTION_KEY
LOGDNA_LOG_DIRS=OTHER_LOG_PATHS
LOGDNA_HOSTNAME=NAME_OF_SOURCE
LOGDNA_TAGS=TAGS

    Where

    • INGESTION_KEY contains the ingestion key active for the IBM Log Analysis instance where you are configuring to forward logs.

    • ENDPOINT is the authentication endpoint. The logging agent uses this host to authenticate and get the token to forward logs. You can set a public endpoint logs.REGION.logging.cloud.ibm.com or a private endpoint logs.private.REGION.logging.cloud.ibm.com. Replace REGION with the location of the IBM Log Analysis instance where you are configuring to forward logs.

    • NAME_OF_SOURCE contains a human-readable name for the source where you are collecting logs, such as the name of a vsi, for example.

    • OTHER_LOG_PATHS define more log paths to be monitored, for example, /path/to/log/folders. By default, /var/log is monitored.

    • TAGS define a comma-separated list of tags that you want to attach as metadata to each log record.

Step 3. Start the logging agent

Agent V2

Complete the following steps to start the logging agent:

  1. Set the ingestion key.

    logdna-agent -k INGESTION_KEY

  2. Start the logdna-agent service by running the following command:

    sudo service logdna-agent start

Next, verify that the agent is running.

sudo service logdna-agent status

Agent V3

Start the logdna-agent service by running the following command:

sudo systemctl start logdna-agent

Next, verify that the agent is running.

systemctl status logdna-agent

Appendix. Commands to manage the agent

Get the agent version

logdna-agent --version

Enable the agent on boot

sudo systemctl enable logdna-agent

Check the status of the agent

systemctl status logdna-agent

Start the agent

sudo systemctl start logdna-agent

Stop the agent

sudo systemctl stop logdna-agent

Get a log trace from the agent

journalctl _SYSTEMD_INVOCATION_ID=`systemctl show -p InvocationID --value logdna-agent.service`

Delete the agent

yum remove logdna-agent