Configure AWS Elastic Beanstalk syslog to send Apache logs to logentries.com

ebextensions_apache_logentries.yaml

# Name: logentries.config
# Description: configure rsyslogd to include logfiles from apache
#
# Steps:
# 1. Save this file as .ebextensions/logentries.config
# 2. Replace 'TOKEN' below (line 37)
# 3. Deploy per normal scripts or aws.push. 
#
files:
  "/etc/rsyslog.d/apache.conf" :
    mode: "000644"
    owner: root
    group: root
    content: |
        $ModLoad imfile
        $InputFilePollInterval 10
        $PrivDropToGroup adm
        $WorkDirectory /var/spool/rsyslog

        # apache access file:
        $InputFileName /var/log/httpd/access_log
        $InputFileTag apache-access:
        $InputFileStateFile stat-apache-access
        $InputFileSeverity info
        $InputFilePersistStateInterval 20000
        $InputRunFileMonitor

        # apache error file:
        $InputFileName /var/log/httpd/error_log
        $InputFileTag apache-error:
        $InputFileStateFile stat-apache-error
        $InputFileSeverity error
        $InputFilePersistStateInterval 20000
        $InputRunFileMonitor

        #Add a tag for apache events (remember to replace 'TOKEN'!)
        $template LogentriesFormat,"TOKEN %app-name% %msg%\n"

        if $programname == 'apache-access' then @@data.logentries.com:80;LogentriesFormat
        if $programname == 'apache-access' then ~
        if $programname == 'apache-error' then @@data.logentries.com:80;LogentriesFormat
        if $programname == 'apache-error' then ~

commands:
    01_create_rsyslog_folder:
        command: su --session-command="mkdir -p /var/spool/rsyslog"
        ignoreErrors: true
    02_restart_syslog:
        command: service rsyslog restart