Forward System and App logs to Papertrail - Cloud Log Management - NETSEC


Cybersecurity Memo

Friday, February 7, 2020

Forward System and App logs to Papertrail - Cloud Log Management

Papertrail is part of SolarWinds Cloud™, SolarWinds' Software-as-a-Service (SaaS) portfolio for monitoring cloud-native applications and infrastructure. It offers a free plan with the following features and limits:
  • 50 MB/month of log volume
  • 48 hours of searchable history
  • 7 days of archive
  • Unlimited systems
  • Unlimited users

1. Set Up the Linux Syslog Daemon to Send Logs to Papertrail

Run the install script (the two-line form below is the same command as Papertrail's one-liner, split at the backslash):

wget -qO - --header="X-Papertrail-Token: ?xyy6KcSF3XguJCUpD?" \
  https://papertrailapp.com/destinations/17347662/setup.sh | sudo bash

This script configures the local syslog daemon to forward its logs to Papertrail. The X-Papertrail-Token header identifies your account and log destination, so keep it out of shell history and shared notes as you would any credential; because the script runs as root, saving it to a file and reading it before piping it to bash is a reasonable habit.


2. Aggregate Application Log Files to Send to Papertrail

Download remote_syslog2 (the 32-bit i386 package is shown here):


root@backup-51sec-org-lemp-stack:/tmp# wget https://github.com/papertrail/remote_syslog2/releases/download/v0.20/remote-syslog2_0.20_i386.deb


On a 64-bit system, download the amd64 package instead:



root@backup-51sec-org-lemp-stack:/tmp# wget https://github.com/papertrail/remote_syslog2/releases/download/v0.20/remote-syslog2_0.20_amd64.deb



Execute remote_syslog2 (again one command, split at the backslashes):

sudo remote_syslog \
  -p 11218 \
  -d logs6.papertrailapp.com \
  --pid-file=/var/run/remote_syslog.pid \
  /var/log/nginx/*.log

Alternatively, write a config file to /etc/log_files.yml and run sudo remote_syslog with no arguments; the file below is what the command-line options above look like in config form, with protocol set to tls so the log lines are encrypted in transit.



root@backup-51sec-org-lemp-stack:/etc# cat /etc/log_files.yml 
files: 
  - /var/log/nginx/*.log
destination:
  host: logs6.papertrailapp.com
  port: 11218
  protocol: tls
pid_file: /var/run/remote_syslog.pid
root@backup-51sec-org-lemp-stack:/etc# 
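To tie section 2 together, here is an added helper script (written for this page, not part of the post or of the remote_syslog2 project) that picks the right v0.20 .deb for the machine's Debian architecture, generates /etc/log_files.yml in the shape shown above, and sanity-checks the file before remote_syslog is started. The package URL pattern, destination host logs6.papertrailapp.com and port 11218 are taken from the post; the function names and the armhf rejection are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): helpers for the remote_syslog2 setup.
# Assumes the v0.20 release naming shown in the post and the post's destination
# (logs6.papertrailapp.com:11218 over TLS).

RS_VERSION="0.20"
PT_HOST="logs6.papertrailapp.com"
PT_PORT="11218"
PT_CONFIG="/etc/log_files.yml"

# Map a Debian architecture name (as printed by `dpkg --print-architecture`) to the
# download URL of the matching remote_syslog2 .deb. Only the two packages the post
# mentions (i386, amd64) are accepted; anything else is an error.
remote_syslog_pkg_url() {
    arch="$1"
    case "$arch" in
        i386|amd64) ;;
        *) echo "unsupported architecture: $arch" >&2; return 1 ;;
    esac
    echo "https://github.com/papertrail/remote_syslog2/releases/download/v${RS_VERSION}/remote-syslog2_${RS_VERSION}_${arch}.deb"
}

# Print a log_files.yml for the given log paths/globs. Pass globs quoted
# ('/var/log/nginx/*.log') so remote_syslog, not this shell, expands them.
# protocol is fixed to tls so the lines are encrypted on the way to Papertrail.
log_files_yml() {
    printf 'files:\n'
    for f in "$@"; do
        printf '  - %s\n' "$f"
    done
    printf 'destination:\n  host: %s\n  port: %s\n  protocol: tls\n' "$PT_HOST" "$PT_PORT"
    printf 'pid_file: /var/run/remote_syslog.pid\n'
}

# Check a config file before starting remote_syslog: it must use TLS, point at the
# expected destination host, and list at least one absolute log path. Returns 0 if OK.
check_log_files_yml() {
    cfg="$1"
    grep -q '^  protocol: tls$' "$cfg" || { echo "$cfg: protocol is not tls" >&2; return 1; }
    grep -q "^  host: ${PT_HOST}\$" "$cfg" || { echo "$cfg: unexpected destination host" >&2; return 1; }
    grep -q '^  - /' "$cfg" || { echo "$cfg: no log files listed" >&2; return 1; }
    return 0
}

# Full install flow (needs root and network access). Downloads the package for this
# host's architecture, writes the config, validates it, and starts remote_syslog.
install_remote_syslog() {
    arch="$(dpkg --print-architecture)"
    url="$(remote_syslog_pkg_url "$arch")" || return 1
    wget -qO /tmp/remote-syslog2.deb "$url"
    dpkg -i /tmp/remote-syslog2.deb
    log_files_yml '/var/log/nginx/*.log' > "$PT_CONFIG"
    chown root:root "$PT_CONFIG" && chmod 0644 "$PT_CONFIG"
    check_log_files_yml "$PT_CONFIG" || return 1
    remote_syslog          # reads /etc/log_files.yml by default
    # Emit one line through the local syslog daemon so the forwarding set up in
    # section 1 can be confirmed in the Papertrail search view.
    logger -t papertrail-check "forwarding test from $(hostname)"
}

# Only run the install when explicitly asked (e.g. `sudo sh setup.sh install`).
if [ "${1:-}" = "install" ]; then
    install_remote_syslog
fi
```

Run it as sudo sh setup.sh install on the host; sourcing it without arguments just defines the functions, which is also how the checks can be reused from other scripts.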
