Ship Linux logs

Setup

Configuration tl;dr

Files

Sample configuration

Listener

Port 5000. For help finding your region’s listener host, see Account region.

Default log location

/var/log/

Log type (for preconfigured parsing)

syslog

Guided configuration

You’ll need: root access

1. Run the rsyslog configuration script

   Replace <<SHIPPING-TOKEN>> with the token of the account you want to ship to.
   
   Replace <<LISTENER-HOST>> with your region’s listener host (for example, listener.logz.io). For more information on finding your account’s region, see Account region.

   curl -sLO https://github.com/logzio/logzio-shipper/raw/master/dist/logzio-rsyslog.tar.gz \
     && tar xzf logzio-rsyslog.tar.gz \
     && sudo rsyslog/install.sh -t linux -a "<<SHIPPING-TOKEN>>" -l "<<LISTENER-HOST>>"
   

2. Check Logz.io for your logs

   Give your logs some time to get from your system to ours, and then open Kibana.

   If you still don’t see your logs, see log shipping troubleshooting.