Re: Log to syslog?


 



I went through this issue the hard way

there does not seem to be anything at all as apache seems to be all file 
related

redirecting to logger just does not work.

I wrote a Python script that uses sockets (assuming Linux, FreeBSD etc)

nothing for windows

I have to trap all the log files and redirect to a common logging server 
(mine was 10.228.0.6 but the usage is pretty straightforward)



example usage

/usr/local/bin/python3 /programs/common/capture -s /usr/local/apache2/logs/httpd-access.log -l httpd -d 10.228.0.6:514 -p httpd
/usr/local/bin/python3 /programs/common/capture -s /usr/local/apache2/logs/httpd-error.log -l httpd-err -d 10.228.0.6:514 -p httpd
/usr/local/bin/python3 /programs/common/capture -s /usr/local/apache2/logs/ssl_request_log -l httpd-ssl -d 10.228.0.6:514 -p httpd


## cat /programs/common/capture

#!/usr/local/bin/python3
# -*- coding: UTF-8 -*-


import os,sys,socket
import datetime,time
from optparse import OptionParser

# Local helper module (not shown in this post); create_ascii() and commands() used below come from it
from lib import *

USAGE_TEXT = '''\
usage: %%prog %s[options]
'''

parser = OptionParser(usage=USAGE_TEXT % '', version='0.4')

parser.add_option("-s", "--socket", dest="socket_file", help="Socket File to Capture")
parser.add_option("-l", "--label", dest="label", help="Syslog Label to Insert")
parser.add_option("-d", "--destination", dest="destination", help="Syslog Destination Server:Port")
parser.add_option("-p", "--pid", dest="pid", help="PID Process Name")
#parser.add_option("-e", "--email", dest="email", help="Additional Email To")
#parser.add_option("-t", "--temp", dest="tempdir", help="Local Temp Directory")

options, args = parser.parse_args()

print (options.socket_file)
print (options.label)
print (options.destination)
print (options.pid)



if options.socket_file == None :
         print ('Missing Socket File Information')
         sys.exit()

if options.label == None :
         print ('Missing Syslog Label Information')
         sys.exit()

if options.destination == None :
         print ('Missing Syslog Destination host:[port]')
         sys.exit()

if options.pid == None :
         print ('Missing Syslog Pid Process Name')
         sys.exit()


#try local syslog (/var/run/log)

UDP_IP = options.destination.split(':')

if len(UDP_IP) == 2 : #Set Port
         UDP_PORT = int(UDP_IP[1])
else :
         UDP_PORT = 514 #Default

UDP_IP = UDP_IP[0]                      #Server

#MESSAGE = str("<22>Mar 27 04:16:16 es-scom[12345] offsite.scom.ca su: Hello, World!")
#MESSAGE = str("<183>Mar 27 16:17:41 scom-live[72178]: Hello World")

print("UDP target IP: %s" % UDP_IP)
print("UDP target port: %s" % UDP_PORT)
#print("message: %s" % MESSAGE)

count = 10


#sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
#sock.sendto(MESSAGE, (UDP_IP, UDP_PORT))
#sock.sendto(bytes(MESSAGE, "utf-8"), (UDP_IP, UDP_PORT))
#sock.close()
#sys.exit()


#def read_commands():
try:
    print("Creating read pipe... %s" % options.socket_file)
    os.mkfifo(options.socket_file)    # Create pipe
    print("Pipe %s created!" % options.socket_file)
except FileExistsError:
    print("Pipe %s already exists" % options.socket_file)

#chmod 777 the file so everyone can talk to it
#(os.chmod sets the same mode without passing the file name through a shell)
os.chmod(options.socket_file, 0o777)


with open(options.socket_file, "r") as pipecmd:
    while True:
        time.sleep(.001)
        try:
            line = pipecmd.readline()
            if line != '':  # New data
                if line == '\n':
                    continue
                print('Raw Text : %s' % line)
                # Drop anything that is not ASCII before forwarding
                encoded_string = line.encode("ascii", "ignore")
                line = encoded_string.decode()
                line = create_ascii(line)  # helper from the local lib module
                line = line.ascii
                print('Line after ASCII : %s' % line)
                print('Line Count : %s' % len(line))
                #line = data
                #go get my pid
                pid_process = '0'
                if options.pid == 'postfix':  # it's a diverted postfix process, get the actual pid from raw text
                    pid_process = line.split('[', 1)[1].split(']', 1)[0]

                else:
                    command = commands('/bin/ps -axww | /usr/bin/grep %s' % options.pid)
                    print()
                    #print (command.output)

                    # command.output is indexed per line here, so take the pid from the matching line
                    for n in range(0, len(command.output)):
                        if '/bin/ps -axww | /usr/bin/grep' not in command.output[n] and '/usr/bin/grep' not in command.output[n] and '/usr/local/bin/python3' not in command.output[n]:
                            pid_process = command.output[n].split()[0]  # what's left should be my process ?
                            break

                print('PID Process : %s ' % pid_process)

                if options.destination == 'local':  # Send to log here
                    print('Sending to Local Syslog')
                    log = open('/var/run/log', 'w')
                    log.write('hello')
                    log.close()
                    sys.exit()

                else:  # Send via socket
                    # Make the line in freebsd syslog format
                    # NOTE: count is sent in the syslog PRI position (<n>); PRI is
                    # facility * 8 + severity, so only 0..191 are defined values
                    MESSAGE = '<' + str(count) + '>' + str(time.strftime("%b %d %H:%M:%S ")) + str(options.label) + '[' + str(pid_process) + ']: ' + str(line)
                    print('Sent : %s' % MESSAGE)
                    count = count + 1
                    if count > 255:
                        count = 10

                    # send to udp logger port specified
                    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
                    sock.sendto(bytes(MESSAGE, "utf-8"), (UDP_IP, UDP_PORT))
                    sock.close()

            else:  # No data
                pass

        except Exception as e:
            exc_type, exc_obj, exc_tb = sys.exc_info()
            fname = os.path.split(exc_tb.tb_frame.f_code.co_filename)[1]
            e = str(e) + '\n\n' + str(exc_type) + '\n' + str(fname) + '\n' + str(exc_tb.tb_lineno)

            print('\n\nCaught Exception : %s' % e)

            print("Could not read cmd pipe, skipping ...")

sys.exit()


Happy Tuesday !!!
Thanks - paul

Paul Kudla


Scom.ca Internet Services
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3

Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
On 4/12/2022 6:04 AM, Antony Stone wrote:
Hi.

I'd like to have Apache send all log entries to syslog instead of files 
(because I run a central syslog aggregator and want to have many servers all 
send their log files to this system).

I have found:
https://httpd.apache.org/docs/trunk/mod/mod_syslog.html

However this appears only to be for Error Logs, whereas I would want _all_ 
logs to be sent to syslog.


Can Apache do this?


I have found some workarounds such as:

https://serverfault.com/questions/1025281

https://kifarunix.com/forward-apache-logs-to-central-log-server-with-rsyslog/

however I would be more comfortable if there were a way to tell Apache I want 
it to talk directly to syslog, if this can be done.


Thanks in advance,


Antony.
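
An added example, not part of either message in this thread: building the same `<PRI>timestamp label[pid]: line` datagram as the script above, with the PRI computed from a facility and severity, control characters stripped from the forwarded line, and the datagram capped at 1024 bytes. The function names, the local7/info defaults, the PID value and the sample log line are assumptions made for this illustration.

```python
import socket
import time

# Facility and severity codes as defined for syslog; PRI = facility * 8 + severity (0..191)
FACILITY = {"daemon": 3, "local0": 16, "local7": 23}
SEVERITY = {"err": 3, "warning": 4, "notice": 5, "info": 6, "debug": 7}
MONTHS = "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split()
MAX_LEN = 1024  # RFC 3164 upper bound for one packet


def sanitize(line):
    """Keep printable ASCII only, so a CR or other control byte written to the
    FIFO cannot corrupt or split the record on the collector."""
    return "".join(c if 32 <= ord(c) < 127 else " " for c in line).strip()


def build_message(line, tag, pid, facility="local7", severity="info", when=None):
    """Return one datagram laid out as <PRI>Mmm dd HH:MM:SS tag[pid]: msg."""
    pri = FACILITY[facility] * 8 + SEVERITY[severity]
    t = when or time.localtime()
    # BSD syslog pads a single-digit day with a space, not a zero
    stamp = "%s %2d %02d:%02d:%02d" % (
        MONTHS[t.tm_mon - 1], t.tm_mday, t.tm_hour, t.tm_min, t.tm_sec)
    msg = "<%d>%s %s[%s]: %s" % (pri, stamp, tag, pid, sanitize(line))
    return msg.encode("ascii")[:MAX_LEN]


def send(datagram, host, port=514):
    """Fire-and-forget UDP send, the same transport the script above uses."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(datagram, (host, port))


# Constructed sample line containing a carriage return and a BEL byte
SAMPLE = ('198.51.100.7 - - [05/Apr/2022:06:04:00 +0000] '
          '"GET /index.html\r\x07 HTTP/1.1" 200 512\n')

if __name__ == "__main__":
    print(build_message(SAMPLE, "httpd", 4242).decode())
```
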


