Don't like ads? PRO users don't see any ads ;-)
Public Pastes
Guest

nginx to syslog-ng

By: Pryoidain on Jan 24th, 2012  |  syntax: Bash  |  size: 2.88 KB  |  hits: 1,402  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. ### First let's draft up a quick script to check if pipes exist and create them if needed.
  2.  
  3. ### /scripts/nginxfifo.sh:
  4. #!/bin/bash
  5.  
  6. #
  7. # nginx Syslog-ng Support
  8. # FIFO Creation Script
  9. # Justin Uni Griggs
  10. # Written for Ishikawa
  11. # DEPENDS: nginx,fifo,syslog-ng
  12. #
  13.  
  14. #
  15. # Check for and Create the Access Log
  16. # FIFO if it doesn't exist.
  17. #
  18. if [ ! -p /var/log/nginx/access.log ]; then
  19.         /bin/rm -f /var/log/nginx/access.log
  20.         /usr/bin/mkfifo --mode=0640 /var/log/nginx/access.log
  21. fi
  22.  
  23. #
  24. # Check for and create the Error log
  25. # FIFO if it doesn't exist.
  26. #
  27. if [ ! -p /var/log/nginx/error.log ] ; then
  28.         /bin/rm -f /var/log/nginx/error.log
  29.         /usr/bin/mkfifo --mode=0640 /var/log/nginx/error.log
  30. fi
  31.  
  32. #
  33. # Change the Ownership and Permissions
  34. #
  35. /bin/chown nginx:root /var/log/nginx/access.log
  36. /bin/chown nginx:root /var/log/nginx/error.log
  37.  
  38. ###
  39. ### Now we need to configure syslog-ng to read from the source.
  40. ### In my case I wanted those messages dropped into a log file so that I could run
  41. ### logcheck on them as well as archive them with logrotate.
  42. ###
  43.  
  44. ### /etc/syslog-ng/syslog-ng.conf
  45. source nginx_access { pipe("/var/log/nginx/access.log" program_override("nginx-access-log: ")); };
  46. source nginx_error { pipe("/var/log/nginx/error.log" program_override("nginx-error-log: ")); };
  47. destination nginxaccess { file("/var/log/syslog-ng/nginx.access.log"); };
  48. destination nginxerror { file("/var/log/syslog-ng/nginx.error.log"); };
  49. filter f_naccess { program("nginx-access-log: "); };
  50. filter f_nerror { program("nginx-error-log: "); };
  51. log { source(nginx_access); filter(f_naccess); destination(nginxaccess); };
  52. log { source(nginx_error); filter(f_nerror); destination(nginxerror); };
  53.  
  54. ###
  55. ### Now, Syslog-ng will flip a shit if it tries to activate itself and the pipes don't exist.
  56. ### So what we need to do is make nginx dependent on syslog-ng, so that syslog-ng starts first
  57. ### and we don't get a queue of logs that will dump in (in the event of an attack even the short
  58. ### time between nginx init and syslog-ng init may result in a very large queue which would be
  59. ### very very bad), and then inside syslog-ng's startup system we need to call the fifo creation
  60. ### script BEFORE we call the service start for syslog-ng.
  61. ###
  62. ### This way, the order goes mkfifo->syslog-ng->nginx.
  63. ###
  64.  
  65. ###
  66. ### First nginx dependencies. This is kinda gentoo centric.
  67. ###
  68.  
  69. ### /etc/init.d/nginx
  70. depend() {
  71.         need net
  72.         need syslog-ng
  73.         use dns logger netmount
  74. }
  75.  
  76. ###
  77. ### Now we modify syslog-ng
  78. ###
  79.  
  80. ### /etc/init.d/syslog-ng
  81. start() {
  82.         checkconfig || return 1
  83.         ebegin "Creating nginx FIFO Pipe"
  84.         /scripts/nginxfifo.sh
  85.         eend $? "Failed to create nginx FIFO Pipe"
  86.         ebegin "Starting syslog-ng"
  87.         ...
  88. }
  89.  
  90. ### Then call syslog-ng to reboot which will take down nginx with it and set everything up.
  91. ### Done and done.
create a new version of this paste RAW Paste Data