Configuring your Linux system's Apache web logs

This page will guide you through how to configure syslog to transfer your Apache logs into the Logscape Cloud.


1) Configure your Syslog

Create a new file in your rsyslog.d directory, we called it 21-Apache-Logscape.config, inside it place the following


$InputFilePollInterval 10
$PrivDropToGroup adm
$WorkDirectory /var/spool/rsyslog
 
# Apache access file:
$InputFileName /var/log/apache2/access.log
$InputFileTag apache-access:
$InputFileStateFile stat-apache-access
$InputFileSeverity info
$InputFilePersistStateInterval 20000
$InputRunFileMonitor
 
#Apache Error file:
$InputFileName /var/log/apache2/error.log
$InputFileTag apache-error:
$InputFileStateFile stat-apache-error
$InputFileSeverity error
$InputFilePersistStateInterval 20000
$InputRunFileMonitor
 
#Add a tag for apache events
template CloudApache,"LOGSCAPETOKEN:YOUR_SECURITY_TOKEN_HERE LOGSCAPETAG:apache <%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% %msg%"
*.* @@lscape1.logscape.com:1468;CloudApache
 
if $programname == 'apache-access' then @@collector.logscape.com:1468;CloudApache
if $programname == 'apache-access' then ~
if $programname == 'apache-error' then @@collector.logscape.com;CloudApache
if $programname == 'apache-error' then ~

You'll also need to check your rsyslog.conf to make sure the following module has been loaded.

$ModLoad imfile
2) Restart the Syslog daemon

Now restart your Syslog daemon.

sudo service rsyslog restart
3) Check Logscape for connectivity

Log into the Logscape Cloud and check the Apache workspaces to see your data.