Aug
23
2015
Server_A —> Server_B —> Server_C
Let’s say that we have our elasticsearch/kibana setup on Server_C
but Server_A can’t talk to Server_C.
Server_A
# tail /etc/rsyslog.d/20_central_logging.conf
*.* @192.168.1.100:42185
& ~
Server_B
install fluentd
# wget -c http://packages.treasuredata.com.s3.amazonaws.com/2/redhat/6/x86_64/td-agent-2.2.1-0.el6.x86_64.rpm
# rpm -ivh td-agent-2.2.1-0.el6.x86_64.rpm
configure fluentd
# vim /etc/td-agent/td-agent.conf
<source>
type syslog
port 42185
tag rsyslog
</source>
<match ***>
type forward
send_timeout 10s
recover_wait 10s
heartbeat_interval 1s
phi_threshold 16
hard_timeout 60s
<server>
host 192.168.1.200
</server>
</match>
Server C
install fluentd
# wget -c http://packages.treasuredata.com.s3.amazonaws.com/2/redhat/6/x86_64/td-agent-2.2.1-0.el6.x86_64.rpm
# rpm -ivh td-agent-2.2.1-0.el6.x86_64.rpm
configure fluentd
# vim /etc/td-agent/td-agent.conf
<match ***>
type elasticsearch
flush_interval 10s # for testing
logstash_format true
</match>
PLZ Dont forget your iptables rules !!!!
UDP & TCP
Tag(s):
Fluentd