🚀 DevOps & SRE Certification Program 📅 Starting: 1st of Every Month 🤝 +91 8409492687 🔍 Contact@DevOpsSchool.com

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Uncategorised

Newrelic log – Example of a logging.d configuration file in YAML format

November 25, 2020 comments off
###############################################################################
# Log forwarder configuration file example #
# Source: file #
# Available customization parameters: attributes, max_line_kb, pattern #
###############################################################################
logs:
# Basic tailing of a single file
- name: basic-file
file: /var/log/logFile.log
# File with spaces in its path. No need to use quotes.
- name: file-with-spaces-in-path
file: /var/log/folder with spaces/logFile.log
# Specify a list of custom attributes, as key-value pairs, to be included
# in each log record
- name: file-with-attributes
file: /var/log/logFile.log
attributes:
application: tomcat
department: sales
maintainer: example@mailprovider.com
# Use wildcards to refer to multiple files having a common extension or
# prefix. Newly generated files will be automatically detected every 60
# seconds.
#
# WARNING: avoid using wildcards that include the file extension, since
# it'll cause logs to be forwarded repeatedly if log rotation is enabled.
- name: log-files-in-folder
file: /var/log/logF*.log
# Lines longer than 128 KB will be automatically skipped. Use 'max_line_kb'
# to increase this limit.
- name: log-file-with-long-lines
file: /var/log/logFile.log
max_line_kb: 256
# Use 'pattern' to filter records using a regular expression
- name: only-records-with-warn-and-error
file: /var/log/logFile.log
pattern: WARN|ERROR
view raw linux-file.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: fluentbit #
# Available customization parameters: <none> #
###############################################################################
logs:
# Use an external configuration file in the Fluentbit native format. You can
# also define your own 'parsers.conf' file if your native Fluentbit
# configuration file defines custom parsers for your log records.
#
# WARNING: do not define an output using the 'newrelic' plugin in external
# configuration files, as you'd potentially end up with duplicated log
# records in New Relic. The New Relic agent already sets an output plugin
# for you.
#
# NOTE: 'rfc3164', 'rfc3164-local' and 'rfc5424' are reserved parser names
# and must not be used in your custom parsers.conf
- name: external-fluentbit-config-and-parsers-file
fluentbit:
config_file: /home/user/Configs/fluent-bit.conf
parsers_file: /home/user/Configs/parsers.conf
view raw linux-fluentbit.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: syslog #
# Available customization parameters: attributes, max_line_kb #
###############################################################################
logs:
# Syslog RFC3164 via TCP IP socket
- name: syslog-tcp-rfc3164
syslog:
uri: tcp://127.0.0.1:5140
parser: rfc3164
# Syslog RFC5424 via TCP IP socket
- name: syslog-tcp-rfc5424
syslog:
uri: tcp://127.0.0.1:5141
parser: rfc5424
# Syslog RFC3164 via UDP IP socket
- name: syslog-udp-rfc3164
syslog:
uri: udp://127.0.0.1:6140
parser: rfc3164
# Syslog RFC5424 via UDP IP socket
- name: syslog-udp-rfc5424
syslog:
uri: udp://127.0.0.1:6141
parser: rfc5424
# General WARNINGS on Syslog via Unix (domain) sockets:
# - Default socket permissions are changed to 0644 by Fluentbit, so only
# processes running as root (if the agent runs as root) or nri-agent (if
# the agent runs as nri-agent) will be able to write to the logs. You can
# use 0666 to allow processes run by other users to write into the socket,
# at your own risk.
# - Sockets must either exist and be readable by the user executing the
# Infrastructure Agent, or defined in a folder where such user can create a
# new socket file.
# Syslog RFC3164 via TCP Unix (domain) socket
- name: syslog-unix-tcp-rfc3164
syslog:
uri: unix_tcp:///home/user/Sockets/unix-tcp-socket-rfc3164
parser: rfc3164
# unix_permissions: 0666
# Syslog RFC5424 via TCP Unix (domain) socket
- name: syslog-unix-tcp-rfc5424
syslog:
uri: unix_tcp:///home/user/Sockets/unix-tcp-socket-rfc5424
parser: rfc5424
# unix_permissions: 0666
# Syslog RFC3164 via UDP Unix (domain) socket
- name: syslog-unix-udp-rfc3164
syslog:
uri: unix_udp:///home/user/Sockets/unix-udp-socket-rfc3164
parser: rfc3164
# unix_permissions: 0666
# Syslog RFC5424 via UDP Unix (domain) socket
- name: syslog-unix-udp-test-rfc5424
syslog:
uri: unix_udp:///home/user/Sockets/unix-udp-socket-rfc5424
parser: rfc5424
# unix_permissions: 0666
# You can optionally include the 'attributes' and 'max_line_kb parameters'
# (refer to file.yml.example or to the official documentation for more
# details)
- name: customized-syslog-tcp-rfc5424
syslog:
uri: tcp://127.0.0.1:5142
parser: rfc5424
attributes:
application: tomcat
department: sales
maintainer: example@mailprovider.com
max_line_kb: 256
view raw linux-syslog.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: systemd #
# Available customization parameters: attributes, max_line_kb, pattern #
###############################################################################
logs:
# Systemd 'cupsd' service
# WARNING: Infrastructure Agent must run as *root* to use this source
- name: systemd-cups
systemd: cupsd
# You can optionally include the 'attributes', 'max_line_kb' and 'pattern'
# parameters (refer to file.yml.example or to the official documentation for
# more details)
- name: customized-systemd-cupsd
systemd: cupsd
attributes:
application: tomcat
department: sales
maintainer: example@mailprovider.com
max_line_kb: 256
pattern: WARN|ERROR
view raw linux-systemd.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: tcp #
# Available customization parameters: attributes, max_line_kb #
###############################################################################
logs:
# TCP log ingestion with no specific format. Records separated by line breaks.
- name: tcp-with-no-format
tcp:
uri: tcp://127.0.0.1:5170
format: none
separator: \n
# TCP log ingestion in JSON format.
- name: tcp-json
tcp:
uri: tcp://127.0.0.1:5171
format: json
# You can optionally include the 'attributes' and 'max_line_kb' parameters
# (refer to file.yml.example or to the official documentation for more
# details)
- name: customized-tcp-json
tcp:
uri: tcp://127.0.0.1:5172
format: json
attributes:
application: tomcat
department: sales
maintainer: example@mailprovider.com
max_line_kb: 256
view raw linux-tcp.yml hosted with ❤ by GitHub
# Remember to only use spaces for indentation
logs:
# Example of 'file' source
- name: file-with-attributes
file: /var/log/test.log # Path to a single file or pattern
attributes: # You can use custom attributes to enrich your data
logtype: nginx
team: The A Team
pattern: Error # Regular expression to filter log entries
# Example of 'systemd' source (Linux only)
- name: systemd-example
systemd: cupsd
# Examples of 'syslog' source, one per protocol
# TCP network socket
- name: syslog-tcp-test
syslog:
uri: tcp://0.0.0.0:5140 # Use the tcp://LISTEN_ADDRESS:PORT format
parser: rfc5424 # Default syslog parser is rfc3164
# UDP network socket
- name: syslog-udp-test
syslog:
uri: udp://0.0.0.0:6140 # Use the udp://LISTEN_ADDRESS:PORT format
max_line_kb: 35
# Paths for Unix sockets are defined by combining protocol and path:
# unix_udp:// + /path/socket - for example, unix_udp:///tmp/socket
# Unix TCP domain socket
- name: syslog-unix-tcp-test
syslog:
uri: unix_tcp:///var/unix-tcp-socket-test
unix_permissions: 0666 # Default is 0644. Change at your own risk
# Unix UDP domain socket
- name: syslog-unix-udp-test
syslog:
uri: unix_udp:///var/unix-udp-socket-test
parser: rfc5424
# Examples of 'tcp' source for formats 'none' and 'json'
- name: tcp-simple-test
tcp:
uri: tcp://0.0.0.0:1234 # Use the tcp://LISTEN_ADDRESS:PORT format
format: none # Raw text - this is default for 'tcp'
separator: \t # String for separating raw text entries
attributes: # You can add custom attributes to any source of logs
tcpFormat: none
someOtherAttribute: associatedValue
max_line_kb: 32
- name: tcp-json-test
tcp:
uri: tcp://0.0.0.0:2345 # Use the tcp://LISTEN_ADDRESS:PORT format
format: json
attributes:
tcpFormat: json
yetAnotherAttribute: 12345
# Example of Fluent Bit configuration import
- name: fluentbit-import
fluentbit:
config_file: /path/to/fluentbit.config
parsers_file: /path/to/fluentbit/parsers.conf
view raw sample.yaml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: file #
# Available customization parameters: attributes, max_line_kb, pattern #
###############################################################################
logs:
# Basic tailing of a single file
- name: basic-file
file: C:\logs\logFile.log
# File with spaces in its path. No need to use quotes.
- name: file-with-spaces-in-path
file: C:\ProgramData\Vendor Name With Spaces\Application Name\logFile.log
# Specify a list of custom attributes, as key-value pairs, to be included
# in each log record
- name: file-with-attributes
file: C:\logs\logFile.log
attributes:
application: tomcat
department: sales
maintainer: example@mailprovider.com
# Use wildcards to refer to multiple files having a common extension or
# prefix. Newly generated files will be automatically detected every 60
# seconds.
#
# WARNING: avoid using wildcards that include the file extension, since
# it'll cause logs to be forwarded repeatedly if log rotation is enabled.
- name: log-files-in-folder
file: C:\logs\logF*.log
# Lines longer than 128 KB will be automatically skipped. Use 'max_line_kb'
# to increase this limit.
- name: log-file-with-long-lines
file: C:\logs\logFile.log
max_line_kb: 256
# Use 'pattern' to filter records using a regular expression
- name: only-records-with-warn-and-error
file: C:\logs\logFile.log
pattern: WARN|ERROR
view raw windows-file.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: fluentbit #
# Available customization parameters: <none> #
###############################################################################
logs:
# Use an external configuration file in the Fluentbit native format. You can
# also define your own 'parsers.conf' file if your native Fluentbit
# configuration file defines custom parsers for your log records.
#
# WARNING: do not define an output using the 'newrelic' plugin in external
# configuration files, as you'd potentially end up with duplicated log
# records in New Relic. The New Relic agent already sets an output plugin
# for you.
#
# NOTE: 'rfc3164', 'rfc3164-local' and 'rfc5424' are reserved parser names
# and must not be used in your custom parsers.conf
- name: external-fluentbit-config-and-parsers-file
fluentbit:
config_file: C:\Users\user\Configs\fluent-bit.conf
parsers_file: C:\Users\user\Configs\parsers.conf
view raw windows-fluentbit.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration file example #
# Source: tcp #
# Available customization parameters: attributes, max_line_kb #
###############################################################################
logs:
# TCP log ingestion with no specific format. Records separated by line breaks.
- name: tcp-with-no-format
tcp:
uri: tcp://127.0.0.1:5170
format: none
separator: \n
# TCP log ingestion in JSON format.
- name: tcp-json
tcp:
uri: tcp://127.0.0.1:5171
format: json
# You can optionally include the 'attributes' and 'max_line_kb' parameters
# (refer to file.yml.example or to the official documentation for more
# details)
- name: customized-tcp-json
tcp:
uri: tcp://127.0.0.1:5172
format: json
attributes:
application: tomcat
department: sales
maintainer: example@mailprovider.com
max_line_kb: 256
view raw windows-tcp.yml hosted with ❤ by GitHub
###############################################################################
# Log forwarder configuration winlog example #
# Source: windows event log #
###############################################################################
logs:
# Winlog log ingestion with eventId filters.
- name: windows-security
winlog:
channel: Security
collect-eventids:
- 4624
- 4265
- 4700-4800
exclude-eventids:
- 4735
# Add event IDs or ranges to collect-eventids or exclude-eventids to forward
# or drop specific events. exclude-eventids takes precedence over collect-eventids
view raw windows-winlog.yml hosted with ❤ by GitHub

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.