Sidecar

😋 Powered by Graylog Sidecar.

LeonaAgent V1.0 is coming; it is only for collecting log data for LeonaLog.

Leona Sidecar is a lightweight configuration management system for different log collectors, also called Backends. The Leona node(s) act as a centralized hub containing the configurations of the log collectors. On supported message-producing devices/hosts, the sidecar can run as a service or daemon.

Installation

You can get .deb or .rpm packages for LeonaLog Sidecar in our package repository.

CentOS

Install the sidecar repository configuration and sidecar itself with the following commands:

rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-sidecar-repository-1-2.noarch.rpm
yum install graylog-sidecar

Edit the configuration (see Sidecar Configuration) and activate the sidecar as a system service:

vi /etc/graylog/sidecar/sidecar.yml

graylog-sidecar -service install

systemctl enable graylog-sidecar
systemctl start graylog-sidecar

Ubuntu

Install the sidecar repository configuration and sidecar itself with the following commands:

wget https://packages.graylog2.org/repo/packages/graylog-sidecar-repository_1-2_all.deb
dpkg -i graylog-sidecar-repository_1-2_all.deb
apt-get update && apt-get install graylog-sidecar 

Edit the configuration (see Sidecar Configuration) and activate the sidecar as a system service:

vi /etc/graylog/sidecar/sidecar.yml

graylog-sidecar -service install

# Ubuntu 14.04 with Upstart
start graylog-sidecar

# Ubuntu 16.04 and later with systemd
systemctl enable graylog-sidecar
systemctl start graylog-sidecar

Sidecar Configuration

Configuration example:

# The URL to the Graylog server API.
server_url: "http://127.0.0.1:9006/api/"

# The API token to use to authenticate against the Graylog server API.
# This field is mandatory
server_api_token: "1i4dcd68svirjkl67adarifiu5k2i2essueprcciceqdvc87ocof"

# The node name of the sidecar. If this is empty, the sidecar will use the
# hostname of the host it is running on.
node_name: "c-192.168.120.15"

# The update interval in seconds. This configures how often the sidecar will
# contact the Graylog server for keep-alive and configuration update requests.
update_interval: 10

# This configures if the sidecar should skip the verification of TLS connections.
# Default: false
#tls_skip_verify: false

# This enables/disables the transmission of detailed sidecar information like
# collector statuses, metrics and log file lists. It can be disabled to reduce
# load on the Graylog server if needed. (disables some features in the server UI)
send_status: true

...

Parameter descriptions:

  • server_url: URL to the leona API, e.g. http://192.168.120.100:9000/api/

  • server_api_token: The API token to use to authenticate against the leona server API. Note: The token is mandatory and needs to be configured.

  • node_id: The node ID of the sidecar. This can be a path to a file or an ID string. Note: Every sidecar instance needs a unique ID.

  • node_name: Name of the sidecar instance.

  • update_interval: The interval, in seconds, at which the sidecar fetches new configurations from the leona server. The default is 10.

  • tls_skip_verify: This configures if the sidecar should skip the verification of TLS connections. The default is false.

  • send_status: This controls the transmission of detailed sidecar information like collector status, metrics and log file lists. It can be disabled to reduce load on the leona server if needed. The default is true.

  • list_log_files: Send a directory listing to leona and display it on the host status page, e.g. /var/log. This can also be a list of directories. The default is [].

  • cache_path: The directory where the sidecar stores internal data.

  • collector_configuration_directory: The directory where the sidecar generates configurations for collectors.

  • log_path: The directory where the sidecar stores its logs. The default is /var/log/graylog-sidecar.

  • log_rotate_max_file_size: The maximum size of the log file before it gets rotated. The default is 10MiB.

  • log_rotate_keep_files: The maximum number of old log files to retain.

  • collector_binaries_accesslist: A list of binaries that are allowed to be executed by the sidecar. An empty list disables the access list feature.
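The settings above that weaken a deployment can be checked mechanically. The following is an added example, not part of the original page or of the Sidecar project: a small audit of sidecar.yml that flags a non-TLS server_url to a remote host, tls_skip_verify set to true, a missing server_api_token, and an empty collector_binaries_accesslist. The function names, the sample hostname, the token placeholder and the binary path are assumptions, and the parser handles only the flat keys and lists this file uses.

```python
import re
from urllib.parse import urlparse
# Constructed samples: keys are the page's, values are made up to hit each check.
WEAK = """\
server_url: "http://192.168.120.100:9000/api/"
server_api_token: ""
tls_skip_verify: true
collector_binaries_accesslist: []
"""
HARDENED = """\
server_url: "https://leona.example.internal:9000/api/"
server_api_token: "API_TOKEN_PLACEHOLDER"
collector_binaries_accesslist:
  - "/usr/bin/filebeat"
"""

def parse_sidecar_yml(text):
    """Read top-level scalars and lists: a YAML subset, enough for sidecar.yml."""
    conf, key = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # blank line or commented-out setting: the default applies
        top = re.match(r"^(\w+):\s*(.*)$", line)
        if top:
            key, val = top.group(1), top.group(2).strip()
            if val.startswith("["):  # inline list such as [] or ["/a", "/b"]
                conf[key] = [v.strip(" \"'") for v in val[1:-1].split(",") if v.strip()]
            else:  # scalar; a bare `key:` is treated as the start of a block list
                conf[key] = val.strip("\"'") if val else []
        elif (item := re.match(r"^\s*-\s+(.+)$", line)) and isinstance(conf.get(key), list):
            conf[key].append(item.group(1).strip("\"'"))
    return conf

def audit(conf):
    """Return one finding per weak setting among the parameters described above."""
    findings = []
    url = urlparse(conf.get("server_url", ""))
    if url.scheme != "https" and url.hostname not in ("127.0.0.1", "::1", "localhost"):
        findings.append("server_url: API token is sent without TLS to a remote host")
    if str(conf.get("tls_skip_verify", "false")).lower() == "true":
        findings.append("tls_skip_verify: server certificate is not verified")
    if not conf.get("server_api_token"):
        findings.append("server_api_token: mandatory token is missing")
    if conf.get("collector_binaries_accesslist") == []:
        findings.append("collector_binaries_accesslist: empty list disables the access list")
    return findings

if __name__ == "__main__":
    print(audit(parse_sidecar_yml(WEAK)), audit(parse_sidecar_yml(HARDENED)), sep="\n")
```

To check a real host, pass the contents of /etc/graylog/sidecar/sidecar.yml to parse_sidecar_yml; a loopback server_url such as the one in the configuration example above produces no server_url finding.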
