dpc-sdp / tide_logs
Log forwarder for SumoLogic OTel collector.
Installs: 22 418
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 8
Forks: 0
Open Issues: 0
Type:drupal-module
Requires
- drupal/lagoon_logs: ^2.1
README
Provides a SumoLogic handler for Monolog.
Requirements
There is also a soft dependency on the following modules
- admin audit trail - auditable events are sent to the Drupal logs
Activation
- The module requires a working Sumo Logic OTEL Collector to which it can send logs.
- A helm chart has been created here for easy installation on Kubernetes clusters.
- To test locally, in a test project:
- Create a file at
.docker/sumologic-otel/config.yaml
with the following content:extensions: sumologic: # Get from https://service.au.sumologic.com/ui/#/security/installation-tokens install_token: <collector-install-token> # Highly recommend adding a unique suffix, otherwise you might run into conflicts with other collector instances. collector_name: SDP Syslog - OTEL - <random-suffix> clobber: true receivers: udplog: listen_address: "0.0.0.0:514" attributes: source_name: "foobar/otel/test" operators: - type: json_parser - type: metadata id: metadata/source_host if: '"source_host" in $$body' attributes: source_host: 'EXPR($$body.source_host)' - type: metadata id: metadata/source_category if: '"source_category" in $$body' attributes: source_category: 'EXPR($$body.source_category)' processors: {} exporters: logging: loglevel: debug sumologic: auth: authenticator: sumologic source_category: "%{source_category}" source_name: "%{source_name}" source_host: "%{source_host}" metadata_attributes: - source.* service: extensions: [sumologic] pipelines: logs: receivers: [udplog] exporters: [sumologic]
- Add a service to
docker-compose.yml
as follows:sumo-otel: image: "public.ecr.aws/sumologic/sumologic-otel-collector:${SUMO_OTEL_RELEASE_VERSION:-0.47.0-sumo-0}" volumes: - .docker/sumologic-otel:/etc/otel ports: - 514 networks: - amazeeio-network - default labels: lagoon.type: none
- Running
ahoy up
will register the instance with Sumo Logic; it's now ready to start collecting logs. Rundocker-compose logs -f sumo-otel
to make sure there were no errors. The last line should be something likeEverything is ready. Begin running and processing data.
- Create a file at
- Enable the Tide Logs module. Go to
/admin/config/development/tide_logs
and ensureUDPlog host
andUDPlog port
correspond to the service's name and the port in theconfig.yaml
respectively, if running with docker-compose. The module's default isudp://logger.default.svc:5514
(see the default config here). SUMOLOGIC_CATEGORY
can also be set if a different category from the default (sdp/dev/tide
) is required.- The following search query can then be used in SumoLogic to view the logs:
_collector="SDP Syslog - OTEL - <random-suffix>" and _sourceCategory="sdp/dev/tide"
Debug
Some very basic debug messages can be printed locally (or remotely if you have drush access) by setting the following config variable:
drush config:set tide_logs.settings debug 1