syslog_ng

Supported OS Linux Windows

Overview

Configure Syslog-ng to gather logs from your host, containers, & services.

Log collection for syslog-ng is not available for your selected Datadog site ().

Setup

Log collection

  1. Collect system logs and log files in /etc/syslog-ng/syslog-ng.conf and make sure the source is correctly defined:

    source s_src {
system();
internal();

};

    If you want to monitor files, add the following source:

    #########################
# Sources
#########################

...

source s_files {
file("path/to/your/file1.log",flags(no-parse),follow_freq(1),program_override("<program_name_file1>"));
file("path/to/your/file2.log",flags(no-parse),follow_freq(1),program_override("<program_name_file2>"));

};

  2. Set the correct log format:

    #########################
# Destination
#########################

...

# For Datadog platform:
destination d_datadog {
  http(
      url("https://http-intake.logs./api/v2/logs?ddsource=<SOURCE>&ddtags=<TAG_1:VALUE_1,TAG_2:VALUE_2>")
      method("POST")
      headers("Content-Type: application/json", "Accept: application/json", "DD-API-KEY: <DATADOG_API_KEY>")
      body("<${PRI}>1 ${ISODATE} ${HOST:--} ${PROGRAM:--} ${PID:--} ${MSGID:--} ${SDATA:--} $MSG\n")
  );
};

  3. Define the output in the path section:

    #########################
# Log Path
#########################

...

log { source(s_src); source(s_files); destination(d_datadog); };

  4. Restart syslog-ng.

Troubleshooting

Need help? Contact Datadog support.

PREVIEWING: rtrieu/product-analytics-ui-changes