philip-loggly · September 24, 2024 14:50
diff --git a/Loggly rsyslog on EC2 boot b/Loggly rsyslog on EC2 boot
 #!/bin/sh
 #
 # This script automatically configures rsyslog for Loggly. This script requires that the
 # your Customer Token is passed in via EC2 user-data, on its own line, as follows:
 #
 # LOGGLY_AUTH=<your auth token>
 #
 # For example, if your Customer Token is 727bae3d-750c-4e44-96ed-ad83230208bb, then pass
 #
 # LOGGLY_AUTH=727bae3d-750c-4e44-96ed-ad83230208bb
 #
 # as user-data
 #
 # If you do not have a Loggly account, sign up for one at www.loggly.com.

 RSYSLOG_CONF_DIR=/etc/rsyslog.d
 LOGGLY_CONFIG=$RSYSLOG_CONF_DIR/22-loggly.conf

 if [ ! -d $RSYSLOG_CONF_DIR ]; then
  logger "rsyslog conf directory does not exist -- no logging to Loggly will be configured."
  exit 1
 fi

 userdata=`curl -m 10 -s http://169.254.169.254/latest/user-data | grep LOGGLY`
 if [ $? -ne 0 ]; then
  logger "Unable to read Loggly Customer authentication token -- no logging to Loggly will be configured."
  exit 1
 fi
 auth=`echo "$userdata" | sed 's/LOGGLY_AUTH=\(+*\)/\1/'`

 if [ -z "$auth" ]; then
  logger "Empty Loggly Customer authentication token -- no logging to Loggly will be configured."
  exit 1
 fi

 cat >$LOGGLY_CONFIG <<EOF
 #          -------------------------------------------------------
 #          Syslog Logging Directives for Loggly
 #          -------------------------------------------------------

 # Define the template used for sending logs to Loggly. Do not change this format.
 \$template LogglyFormat,"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$auth@41058] %msg%"

 # Send messages to Loggly over TCP using the template.
 *.*             @@logs-01.loggly.com:514;LogglyFormat

 #          -------------------------------------------------------
 #          End of Syslog Logging Directives for Loggly
 #          -------------------------------------------------------
 EOF

 # Newer versions of rsyslog require a full restart before picking up
 # config file changes.
 /etc/init.d/rsyslog restart
	#!/bin/sh
	#
	# This script automatically configures rsyslog for Loggly. This script requires that the
	# your Customer Token is passed in via EC2 user-data, on its own line, as follows:
	#
	# LOGGLY_AUTH=<your auth token>
	#
	# For example, if your Customer Token is 727bae3d-750c-4e44-96ed-ad83230208bb, then pass
	#
	# LOGGLY_AUTH=727bae3d-750c-4e44-96ed-ad83230208bb
	#
	# as user-data
	#
	# If you do not have a Loggly account, sign up for one at www.loggly.com.

	RSYSLOG_CONF_DIR=/etc/rsyslog.d
	LOGGLY_CONFIG=$RSYSLOG_CONF_DIR/22-loggly.conf

	if [ ! -d $RSYSLOG_CONF_DIR ]; then
	logger "rsyslog conf directory does not exist -- no logging to Loggly will be configured."
	exit 1
	fi

	userdata=`curl -m 10 -s http://169.254.169.254/latest/user-data \| grep LOGGLY`
	if [ $? -ne 0 ]; then
	logger "Unable to read Loggly Customer authentication token -- no logging to Loggly will be configured."
	exit 1
	fi
	auth=`echo "$userdata" \| sed 's/LOGGLY_AUTH=\(+*\)/\1/'`

	if [ -z "$auth" ]; then
	logger "Empty Loggly Customer authentication token -- no logging to Loggly will be configured."
	exit 1
	fi

	cat >$LOGGLY_CONFIG <<EOF
	# -------------------------------------------------------
	# Syslog Logging Directives for Loggly
	# -------------------------------------------------------

	# Define the template used for sending logs to Loggly. Do not change this format.
	\$template LogglyFormat,"<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% [$auth@41058] %msg%"

	# Send messages to Loggly over TCP using the template.
	. @@logs-01.loggly.com:514;LogglyFormat

	# -------------------------------------------------------
	# End of Syslog Logging Directives for Loggly
	# -------------------------------------------------------
	EOF

	# Newer versions of rsyslog require a full restart before picking up
	# config file changes.
	/etc/init.d/rsyslog restart