Name: windows-syslog-release
Owner: Cloud Foundry
Description: BOSH release for forwarding logs from BOSH jobs on Windows VMs
Created: 2018-03-16 23:12:37.0
Updated: 2018-05-21 15:02:17.0
Pushed: 2018-05-21 15:02:22.0
Size: 8980
Language: Go
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
This is a BOSH release for forwarding logs from BOSH jobs on Windows VMs. It forwards logs in c:/var/vcap/sys/log/ (and any subdirectories, recursively) to a configured syslog server.
syslog-release
This release is designed to share configuration with its linux sibling.
However, it uses a very different architecture,
and parity would often be prohibitively expensive.
Here are a list of some of the major differences with syslog-release
,
with special attention to standard configuration that will be ignored or fail.
syslog-forwarder-windows
will start, it will not forward logs.permitted_peer
(what addresses or dns resolutions are allowed to recieve syslog messages) in tls modeIf any of these constraints are a problem for you, please open an issue explaining your use case.
Add the syslog_forwarder
to forward all local syslog messages
from an instance
to a syslog endpoint.
You can use addons
to add syslog forwarder to all instances;
if you are using cf-deployment,
there is an ops file to accomplish this here
Configure address
and,
optionally,
port
and transport
:
ance_groups:
me: some-instance-group
bs:
name: syslog_forwarder
release: syslog
operties:
syslog:
address: <IP or hostname>
If the syslog endpoint is unavailable, messages will be briefly queued.
TLS over TCP is supported with additional properties.
tls-enabled
should be set to true if you wish to use it.
In a future version, this will likely be true by default.
By default, the windows certificate API is used to validate certs.
If the cert you wish to respect isn't validated by the Windows API,
you will need to set the full cert chain with ca_cert
.
Note that this fully replaces use of the Windows API.
Here are some tips for debugging issues with log forwarding. We're assuming some familiarity with BOSH, but not necessarily with Windows.
There is a useful manifest at tests/manifests/tcp.yml
.
To use it, you will need to provide a deployment name, like so:
bosh deploy -d windows-syslog -v deployment=windows-syslog tests/manifests/tcp.yml
.
To ssh on to a windows VM, you will need the windows utility release.
Our test manifest includes it.
You can then use bosh -d windows-syslog ssh --opts=-T forwarder "echo example command"
to run a single command non interactively on the forwarder job.
Interactive SSH works more or less like you'd expect,
except that you arrive in cmd.exe
.
Our test manifest includes a storer from the linux syslog release, and the windows forwarder job is configured to send logs to it.
The blobstore for this release is on Google Cloud Storage. Access is controlled by membership in the cf-syslog@pivotal.io mailing list.