2.2.1 Download Forwarder


The download includes an RPM package of the CloudStat Log Forwarder and the CloudStat public certificate.

Operating System
  • CentOS 5+
  • Red Hat Enterprise Linux 4+
Download

2.2.2 Install Forwarder


Create a temporary folder.
# mkdir loganalysis-forwarder

 

 

Move tarball into the temporary folder.

# mv loganalysis-forwarder.tar.gz -t loganalysis-forwarder/
# cd  loganalysis-forwarder/

 

Extract tarball.

# tar xzf loganalysis-forwarder.tar.gz

 

Install RPM package

# rpm -ivh loganalysis-forwarder-0.4.0-1.x86_64.rpm

 

Copy CloudStat certificate

 

# cp -pr loganalysis_2050.crt /opt/loganalysis-forwarder/

 

 

2.2.3 Configure the CloudStat Forwarder


Make the following changes (highlighted in red) in the configuration file: /etc/loganalysis-forwarder.conf

 

loganalysis-forwarder.conf
{
  # The network section covers network configuration :)
  "network": {
    # A list of downstream servers listening for our messages.
    # loganalysis-forwarder will pick one at random and only switch if
    # the selected one appears to be dead or unresponsive
    "servers": [ "<Secure Cloud Connector Host>:514" ],
    # The path to your client ssl certificate (optional)
    #"ssl certificate": "./loganalysis-forwarder.crt",
    # The path to your client ssl key (optional)
    #"ssl key": "./loganalysis-forwarder.key",
    # The path to your trusted ssl CA file. This is used
    # to authenticate your downstream server.
    "ssl ca": "/opt/loganalysis-forwarder/loganalysis_2050.crt ",
    # Network timeout in seconds. This is most important for
    # loganalysis-forwarder determining whether to stop waiting for an
    # acknowledgement from the downstream server. If an timeout is reached,
    # loganalysis-forwarder will assume the connection or server is bad and
    # will connect to a server chosen at random from the servers list.
    "timeout": 15
  },
  # The list of files configurations
  "files": [
  #{
    # "paths": [
    # "/var/log/messages"
    # ],
    # "fields": { "type": "test" }
    #}
    # An array of hashes. Each hash tells what paths to watch and
    # what fields to annotate on events from those paths.
    #{
      #"paths": [
        # single paths are fine
        #"/var/log/messages",
        # globs are fine too, they will be periodically evaluated
        # to see if any new files match the wildcard.
        #"/var/log/*.log"
      #],
      # A dictionary of fields to annotate on each event.
      #"fields": { "type": "syslog" }
    #}, {
      # A path of "-" means stdin.
      #"paths": [ "-" ],
      #"fields": { "type": "stdin" }
    #}, {
      #"paths": [
        #"/var/log/apache/httpd-*.log"
      #],
      #"fields": { "type": "apache" }
    #}
  ]
}

 

 

2.2.4 Start the Forwarder


From the command line, enter the following:

 

# /etc/init.d/loganalysis-forwarder start
# chkconfig --add loganalysis-forwarder