Getting Started with Logs
Install Rsyslog
For Debian/Ubuntu:
sudo apt update sudo apt install rsyslog
For RHEL/CentOS:
sudo yum install rsyslog sudo systemctl enable rsyslog sudo systemctl start rsyslog
Verify that rsyslog is running:
sudo systemctl status rsyslog
Configure forwarding
Edit the rsyslog configuration file (usually /etc/rsyslog.conf or /etc/rsyslog.d/*.conf).
Open the configuration file:
sudo nano /etc/rsyslog.conf
Enable TCP forwarding by adding *.* @@remote-server-ip:514 to the config:
# /etc/rsyslog.conf configuration file for rsyslog # # For more information install rsyslog-doc and see # /usr/share/doc/rsyslog-doc/html/configuration/index.html # # Default logging rules can be found in /etc/rsyslog.d/50-default.conf ################# #### MODULES #### ################# *.* @@<YOUR-ASCENT-ENV>:514
Save your changes and restart rsyslog
sudo systemctl restart rsyslog
Verify ingestion in Ascent
On your server, use logger to log a custom message which you can track easily in order to verify ingestion has been successful.
Use the logger command to trigger a custom log entry:
logger "This is a test message from $(hostname)"
It might take a slight moment for this entry to appear in the Ascent platform, so if it doesn’t show up immediately, give it a moment and check again.
In your Ascent platform, navigate to Explore > Logs & Insights
In the filter view, search for namespace default_namespace. Then look for your username which generated the custom log entry, and click on it.
This view should only display the custom log entry generated earlier
Last updated
Was this helpful?