2

The rsyslog with elk runs well in a docker of localhost.

I could see the logs in Kibana with commands below:

logger -n localhost 'log message from test99'
logger -n localhost 'log message from test99'
logger -n 10.211.55.12 'log message from test99'
logger -n 10.211.55.12 'log message from test99234234'

The questions here, I want to use rsyslog with my Python application. The demo code shows below with the same configuration of rsyslog.

But I couldn't get anything from the Python application. So what's wrong with my configuration or code?

10.211.55.12 is the IP address of my localhost

log_test.py

import logging
import logging.handlers

logger = logging.getLogger('myLogger')
logger.setLevel(logging.INFO)

# Add handler to the logger
handler = logging.handlers.SysLogHandler('/dev/log')

# Add formatter to the handler
formatter = logging.Formatter('Python: { "loggerName":"%(name)s", "asciTime":"%(asctime)s", "pathName":"%(pathname)s", "logRecordCreationTime":"%(created)f", "functionName":"%(funcName)s", "levelNo":"%(levelno)s", "lineNo":"%(lineno)d", "time":"%(msecs)d", "levelName":"%(levelname)s", "message":"%(message)s"}')

handler.formatter = formatter
logger.addHandler(handler)
for _ in range(100):
    logger.info("Test Message")

rsyslog.conf

 47 $DirCreateMode 0755
 48 $Umask 0022
 49 $PrivDropToUser syslog
 50 $PrivDropToGroup syslog
 51
 52 #
 53 # Where to place spool and state files
 54 #
 55 $WorkDirectory /var/spool/rsyslog
 56
 57 #
 58 # Include all configuration files in /etc/rsyslog.d/
 59 #
 60 $IncludeConfig /etc/rsyslog.d/*.conf
 61 *.* 10.211.55.12:514
 62
 63
 64 # Log anything (except mail) of level info or higher.
 65
 66 # Don't log private authentication messages!
 67
 68 *.info;mail.none;authpriv.none;cron.none      /var/log/messages
 69
 70 # The authpriv file has restricted access.
 71
 72 authpriv.*                                    /var/log/secure
 73
 74 # Log all the mail messages in one place.
 75
 76 mail.*                                        /var/log/maillog
 77
 78 # Log cron stuff
 79
 80 cron.*                                        /var/log/cron
 81
 82 # Everybody gets emergency messages
 83
 84 *.emerg                                       *
 85
 86 # Save news errors of level crit and higher in a special file.
 87
 88 uucp,news.crit                                /var/log/spooler
 89
 90 # Save boot messages also to boot.log
 91
 92 local7.*                                      /var/log/boot.log
Improve this question
6
  • 1
    Could you try the with default parameters, i.e. SysLogHandler() without /dev/log? Commented May 6, 2017 at 5:55
  • @VPfB socket.error happened. logging.handlers.SysLogHandler('') Commented May 6, 2017 at 7:27
  • 1
    Please omit the quotes, just SysLogHandler(). Commented May 6, 2017 at 11:52
  • @VPfB Thanks. Seems working... confusing about why would this happen? There aren't any tutorials mentioned it. Commented May 6, 2017 at 12:06
  • I'm not sure if I understand your setup correctly, but to send log messages outside of the local system, you need a network connection. UDP pakcets sent to logserver's port 514 are traditionally used for that task. (TCP is now supported as well and it has advantages over UDP). The SysLogHandler is doing UDP by default. Commented May 6, 2017 at 14:01

1 Answer 1

Reset to default
1

@VPfB's comment is right. Change logging.handlers.SysLogHandler('/dev/log') to logging.handlers.SysLogHandler() will work for my case. Thanks @VPfB!

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.