External log targets
vProtect uses log4j2 for logging both in the Node and Server. This module allows to write to external log targets. All supported appenders are described here: https://logging.apache.org/log4j/2.x/manual/appenders.html.
Below, you can find information on how to set Syslog as a target for vProtect Server and Node.
  1. 1.
    To support Syslogs, make sure you have rsyslog package - if not you can install it like this:
    1
    sudo yum -y install rsyslog
    Copied!
  2. 2.
    In /etc/rsyslog.conf file:
    • uncomment these lines to enable UDP socket transport:
      1
      #module(load="imudp") # needs to be done just once
      2
      #input(type="imudp" port="514")
      Copied!
    • add this line under #### GLOBAL DIRECTIVES #### section to support newline characters:
      1
      $EscapeControlCharactersOnReceive off
      Copied!
  3. 3.
    Open 514 port for UDP connection
    1
    firewall-cmd --permanent --add-port=514/udp
    2
    firewall-cmd --reload
    Copied!
  4. 4.
    Enable rsyslog service
    1
    systemctl enable --now rsyslog
    Copied!
  5. 5.
    To use Syslog's with vProtect Server add in log4j2-server.xml file:
    • in Appenders section add Syslog appender:
      1
      <Socket name="Syslog" host="localhost" port="514" protocol="UDP">
      2
      <PatternLayout
      3
      pattern="${hostName} vprotect-server: %level [%t] %c{1}.%M:%L %n[${ctx:task:-}] %msg%n%n"/>
      4
      </Socket>
      Copied!
    • in Loggers add reference to Syslog appender in Root section:
      1
      <AppenderRef ref="Syslog"/>
      Copied!
  6. 6.
    Restart vProtect Server service:
    1
    systemctl restart vprotect-server
    Copied!
Example of log4j2-server.xml after modifications:
1
<?xml version="1.0" encoding="UTF-8"?>
2
<Configuration status="WARN">
3
<Properties>
4
<Property name="baseDir">/opt/vprotect/logs/api</Property>
5
</Properties>
6
<Appenders>
7
<Console name="Console" target="SYSTEM_OUT">
8
<PatternLayout pattern="%d{yyyy-MM-dd HH:mm:ss} %-5p [%t] %c{1}.%M:%L - %msg%n"/>
9
</Console>
10
11
<RollingFile name="RollingFile" filename="${baseDir}/api.log"
12
filepattern="${baseDir}/api.log_%d{yyyy-MM-dd--HH.mm.ss}.log.zip" fileOwner="vprotect"
13
fileGroup="vprotect" filePermissions="rw-rw----">
14
<PatternLayout pattern="[%d{yyyy-MM-dd HH:mm:ss}] %-5p [%t] %X %c{1}.%M:%L%n%msg%n%n"/>
15
<Policies>
16
<SizeBasedTriggeringPolicy size="2 MB" />
17
</Policies>
18
<DefaultRolloverStrategy max="20">
19
<Delete basePath="${baseDir}" maxDepth="1">
20
<IfFileName glob="api.log_*.log.zip"/>
21
<IfAccumulatedFileCount exceeds="20"/>
22
</Delete>
23
</DefaultRolloverStrategy>
24
</RollingFile>
25
26
<Socket name="Syslog" host="localhost" port="514" protocol="UDP">
27
<PatternLayout pattern="${hostName} vprotect-server: %level [%t] %c{1}.%M:%L %n[${ctx:task:-}] %msg%n%n"/>
28
</Socket>
29
</Appenders>
30
<Loggers>
31
<Root level="DEBUG">
32
<AppenderRef ref="RollingFile" />
33
<AppenderRef ref="Syslog" />
34
</Root>
35
</Loggers>
36
</Configuration>
Copied!
  1. 1.
    To use Syslog's with vProtect Node add in log4j2-node.xml file:
    • in Appenders section add Syslog appender:
      1
      <Socket name="Syslog" host="localhost" port="514" protocol="UDP">
      2
      <PatternLayout
      3
      pattern="${hostName} vprotect-node: %level [%t] %c{1}.%M:%L %n[${ctx:task:-}] %msg%n%n"/>
      4
      </Socket>
      Copied!
    • in Loggers add reference to Syslog appender in Root section:
      1
      <AppenderRef ref="Syslog"/>
      Copied!
  2. 2.
    Restart vProtect Node service:
    1
    systemctl restart vprotect-node
    Copied!
Example of log4j2-node.xml after modifications:
1
<?xml version="1.0" encoding="UTF-8"?>
2
<Configuration status="WARN">
3
<Properties>
4
<Property name="logLevel">DEBUG</Property>
5
<Property name="baseDir">/opt/vprotect/logs/${sys:node:-null}</Property>
6
<Property name="vmwareBaseDir">/opt/vprotect/logs/vmware</Property>
7
<Property name="daemonLogFileName">vprotect_daemon.log</Property>
8
<Property name="clientLogFileName">vprotect_client.log</Property>
9
<Property name="vmwareLogFileName">vprotect_vmware.log</Property>
10
</Properties>
11
<Appenders>
12
<Routing name="Routing">
13
<Routes pattern="${sys:port}">
14
<Route key="${sys:port}">
15
<RollingFile name="CLI" filename="${baseDir}/${clientLogFileName}"
16
filepattern="${baseDir}/${clientLogFileName}.%i">
17
<PatternLayout pattern="[%d{yyyy-MM-dd HH:mm:ss}] %level [%t] %c{1}.%M:%L %n%msg%n%n"/>
18
<Policies>
19
<SizeBasedTriggeringPolicy size="8 MB"/>
20
</Policies>
21
<DefaultRolloverStrategy max="50">
22
<Delete basePath="${baseDir}" maxDepth="1">
23
<IfFileName glob="${clientLogFileName}.*"/>
24
<IfAccumulatedFileCount exceeds="50"/>
25
</Delete>
26
</DefaultRolloverStrategy>
27
</RollingFile>
28
</Route>
29
<Route>
30
<RollingFile name="Engine" filename="${baseDir}/${daemonLogFileName}"
31
filepattern="${baseDir}/${daemonLogFileName}.%i">
32
<PatternLayout pattern="[%d{yyyy-MM-dd HH:mm:ss.SSS}] %level [%t] %c{1}.%M:%L %n[${ctx:task:-}] %msg%n%n"/>
33
<Policies>
34
<SizeBasedTriggeringPolicy size="8 MB"/>
35
</Policies>
36
<DefaultRolloverStrategy max="50">
37
<Delete basePath="${baseDir}" maxDepth="1">
38
<IfFileName glob="${daemonLogFileName}.*"/>
39
<IfAccumulatedFileCount exceeds="50"/>
40
</Delete>
41
</DefaultRolloverStrategy>
42
</RollingFile>
43
</Route>
44
</Routes>
45
</Routing>
46
47
<Console name="StdOut" target="SYSTEM_OUT">
48
<PatternLayout pattern="%msg%n"/>
49
</Console>
50
51
<RollingFile name="VMware" filename="${vmwareBaseDir}/${vmwareLogFileName}"
52
filepattern="${vmwareBaseDir}/${vmwareLogFileName}.%i" fileGroup="vprotect" fileOwner="vprotect"
53
filePermissions="rw-rw-rw-">
54
<PatternLayout pattern="[%d{yyyy-MM-dd HH:mm:ss}] %level [%t] %c{1}.%M:%L %n%msg%n%n"/>
55
<Policies>
56
<SizeBasedTriggeringPolicy size="8 MB"/>
57
</Policies>
58
<DefaultRolloverStrategy max="50">
59
<Delete basePath="${vmwareBaseDir}" maxDepth="1">
60
<IfFileName glob="${vmwareLogFileName}.*"/>
61
<IfAccumulatedFileCount exceeds="50"/>
62
</Delete>
63
</DefaultRolloverStrategy>
64
</RollingFile>
65
66
<Socket name="Syslog" host="localhost" port="514" protocol="UDP">
67
<PatternLayout pattern="${hostName} vprotect-node: %level [%t] %c{1}.%M:%L %n[${ctx:task:-}] %msg%n%n"/>
68
</Socket>
69
</Appenders>
70
<Loggers>
71
<Root level="${logLevel}">
72
<AppenderRef ref="Routing"/>
73
<AppenderRef ref="Syslog"/>
74
</Root>
75
<Logger name="StdOut" additivity="false">
76
<AppenderRef ref="StdOut"/>
77
</Logger>
78
<Logger name="VMware" level="${logLevel}" additivity="false">
79
<AppenderRef ref="VMware"/>
80
</Logger>
81
</Loggers>
82
</Configuration>
Copied!
Notice: If you want to use Syslogs in both vProtect Server and Node you need to use two different udp ports and specify them in /etc/rsyslog.conf
Last modified 10mo ago
Copy link