@sematext/logagent
Smart log parser written in Node
Last updated 6 days ago by megastef .
Apache-2.0 · Repository · Bugs · Original npm · Tarball
$ cnpm install @sematext/logagent 
SYNC missed versions from official npm registry.

bitHound Overall Score Build Status Deploy - read more

What is Logagent

Logagent is a modern, open-source, light-weight log shipper. It is like Filebeat and Logstash in one, without the JVM memory footprint. It comes with out of the box and extensible log parsing, on-disk buffering, secure transport, and bulk indexing to Elasticsearch, Logsene, and other destinations. Its low memory footprint and low CPU overhead makes it suitable for deploying on edge nodes and devices, while its ability to parse and structure logs makes it a great Logstash alternative.

Docker

The docker container can be configured through the following environment variables:

Run a container: The following example enables UDP syslog receiver and ships all log files from /var/log to Sematext Cloud (US). Simply mount the log file directory into Logagent container and provide a glob pattern to match the log files to watch.

docker run -d --name logagent \
-v /var/log:/mylogs
-p 1514:514/udp \
-e LOG_URL=https://logsene-receiver.sematext.com \
-e LOG_INDEX=YOUR_LOGSENE_TOKEN_HERE \
-e LOG_GLOB="/mylogs/**/.log" \
-e LA_ARGUMENTS="-u 514" \
sematext/logagent

Installation

1) Install Node.js

Official Node.js downloads and instructions. E.g. for Debian/Ubuntu:

curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
sudo apt-get install -y nodejs
Install Logagent with npm
sudo npm i -g @sematext/logagent

2) Run logagent command line tool

logagent --help

3) Example: Index your log files in Elasticsearch

logagent -e http://localhost:9200 -i logs -g ‘/var/log/**/*.log’

4) Optional: Install service & config

Install service for Logagent using systemd, upstart, launchd To quickly create a config file for indexing into Elasticsearch without having to edit it run something like this:

sudo logagent-setup -u http://localhost:9200 -i INDEX_NAME -g '/var/log/**/*.log'
# Logsene US: use -u https://logsene-receiver.sematext.com and your Logsene App Token as index name.
# Logsene EU: use -u https://logsene-receiver.eu.sematext.com and your Logsene App Token as index name.

Configuration

To configure different inputs, different event processing, or different outputs (e.g. your own Elasticsearch) edit /etc/sematext/logagent.conf, e.g.:

output:
  logsene:
    module: elasticsearch
    url: http://elasticsearch-server:9200
    index: logs

Then restart the service with sudo service logagent restart. Troubleshooting & Logs Logagent’s own logs:

  • Upstart: /var/log/upstart/logagent.log
  • Systemd: journalctl -u logagent
  • Launchd: /Library/Logs/logagent.log

Location of service scripts:

  • Upstart: /etc/init/logagent.conf
  • Systemd: /etc/systemd/system/logagent.service
  • Launchd: /Library/LaunchDaemons/com.sematext.logagent.plist

Start/stop service:

  • Upstart: service logagent stop/start
  • Systemd: systemctl stop/start logagent
  • Launchd: launchctl start/stop com.sematext.logagent

Documentation & Support

Development

  • Update to the last node version
  • From root folder node type: node ./bin/logagent -h
  • To test from root folder type: node test
Maintainers (2)
Downloads
Today 0
This Week 88
This Month 151
Last Day 88
Last Week 41
Last Month 460
Dependencies (41)
Dev Dependencies (4)
Dependents (0)
None

Copyright 2014 - 2017 © taobao.org |