Skip to content

Commit

Permalink
rework how socklog service works
Browse files Browse the repository at this point in the history
  • Loading branch information
jprjr committed Feb 19, 2019
1 parent 768f064 commit 2b14146
Show file tree
Hide file tree
Showing 12 changed files with 110 additions and 64 deletions.
49 changes: 47 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ ADD https://github.com/just-containers/s6-overlay/releases/download/v1.21.8.0/s6
RUN tar xzf /tmp/s6-overlay-amd64.tar.gz -C /

# Install socklog-overlay
ADD https://github.com/just-containers/socklog-overlay/releases/download/v2.2.1-4/socklog-overlay-amd64.tar.gz /tmp/
ADD https://github.com/just-containers/socklog-overlay/releases/download/v3.0.0-1/socklog-overlay-amd64.tar.gz /tmp/
RUN tar xzf /tmp/socklog-overlay-amd64.tar.gz -C /

ENTRYPOINT ["/init"]
Expand All @@ -38,7 +38,46 @@ with built-in log rotation.

## Customization

None yet, if you have any ideas we'll gladly accept pull requests!
### Custom logging rules

`socklog-overlay` works by reading in a series of `s6-log` logging scripts from
`/etc/socklog.rules`. You can create your own rules by placing a file in
`/etc/socklog.rules`.

For example, if you wanted to save all errors for messages tagged with the
"local0" facility, you could create the file `/etc/socklog.rules/local0-error`

```
-
+^local0\.err
T
/var/log/socklog/local0-errors
```

This will match lines that begin with `local0.err`, prepend them with an ISO8601 timestamp, and save them to the `/var/log/socklog/local0-errors` folder.

Another example, if you wanted to have all syslog messages copied to stdout,
create a file at `/etc/socklog.rules/forward-stdout`:

```
+
1
```

This will match all lines (as indicated by the `+` symbol with an empty regex),
and forward them to stdout (indicated by the `1` symbol).

More details on how to write `s6-log` logging scripts are available in the
[s6-log manual](http://skarnet.org/software/s6/s6-log.html).

### Creating logging folders

The `/etc/cont-init.d/~-socklog` script should run last, and its final step
is to recursively chown `/var/log/socklog`.

Create a script in `/etc/cont-init.d` to make your needed logging folder,
if it's a subfolder of `/var/log/socklog`, you should be covered. If not,
you'll likely need to chown it as well, to the `nobody` user.

Ideas I'd like to flesh out:

Expand All @@ -59,6 +98,12 @@ Then verify the downloaded files:
$ gpg --verify socklog-overlay-amd64.tar.gz.sig socklog-overlay-amd64.tar.gz
```

## Upgrade Notes

`socklog-overlay` version 3.0.0 switched from having the hard-coded
`log/run` script with log pattern rules, to using the `/etc/socklog.rules`
folder. If you have a custom `log/run` script, it should continue to work.

## LICENSE

ISC license, see `LICENSE.md`
Expand Down
73 changes: 11 additions & 62 deletions overlay-rootfs/etc/services.d/socklog/log/run
Original file line number Diff line number Diff line change
@@ -1,66 +1,15 @@
#!/usr/bin/execlineb -P

s6-setuidgid nobody
s6-log -b

-
+^cron\.
T
/var/log/socklog/cron

-
+^daemon\.
T
/var/log/socklog/daemon

-
+^\.debug:
/var/log/socklog/debug

-
+\..err:
+\.error:
+\.emerg:
+\.alert:
+\.crit:
T
/var/log/socklog/errors
backtick -i -n LOGGING_SCRIPT
{
pipeline { pipeline { s6-ls -0 -- /etc/socklog.rules } s6-sort -0 }
forstdin -0 -- i
importas -u i i
redirfd -rb 0 /etc/socklog.rules/${i}
s6-cat
}

-
-auth\.
-authpriv\.
T
/var/log/socklog/everything
importas -u -s LOGGING_SCRIPT LOGGING_SCRIPT

-
+^kern\.
T
/var/log/socklog/kernel

-
+^mail\.
T
/var/log/socklog/mail

-
+\.info:
+\.notice:
+\.warn:
-^auth\.
-^authpriv\.
-^mail\.
-^news\.
-^cron\.
T
/var/log/socklog/messages

-
+^auth\.
+^authpriv\.
T
/var/log/socklog/secure

-
+^user\.
T
/var/log/socklog/user
s6-setuidgid nobody
s6-log -bp $LOGGING_SCRIPT
4 changes: 4 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-cron
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-
+^cron\.
T
/var/log/socklog/cron
4 changes: 4 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-daemon
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-
+^daemon\.
T
/var/log/socklog/daemon
3 changes: 3 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-debug
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
-
+^\.debug:
/var/log/socklog/debug
8 changes: 8 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-errors
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
-
+\..err:
+\.error:
+\.emerg:
+\.alert:
+\.crit:
T
/var/log/socklog/errors
5 changes: 5 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-everything
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
+
-auth\.
-authpriv\.
T
/var/log/socklog/everything
4 changes: 4 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-kernel
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-
+^kern\.
T
/var/log/socklog/kernel
4 changes: 4 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-mail
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-
+^mail\.
T
/var/log/socklog/mail
11 changes: 11 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-messages
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
-
+\.info:
+\.notice:
+\.warn:
-^auth\.
-^authpriv\.
-^mail\.
-^news\.
-^cron\.
T
/var/log/socklog/messages
5 changes: 5 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-secure
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-
+^auth\.
+^authpriv\.
T
/var/log/socklog/secure
4 changes: 4 additions & 0 deletions overlay-rootfs/etc/socklog.rules/~-user
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-
+^user\.
T
/var/log/socklog/user

0 comments on commit 2b14146

Please sign in to comment.