Journald发送日志到远程
- 服务端安装systemd-journal-remote
apt update
apt install systemd-journal-remote
日志服务器和客户端都要安装 -
设置服务端
systemctl enable --now systemd-journal-remote.socket systemctl enable systemd-journal-remote.service
申请证书
acme.sh --issue --dns dns_gd -d hetao.me acme.sh --installcert -d nanopi.hetao.me --cert-file /opt/certs/nanopi.hetao.me/nanopi.hetao.me.cer --key-file /opt/certs/nanopi.hetao.me/nanopi.hetao.me.key --fullchain-file /opt/certs/nanopi.hetao.me/fullchain.cer --ca-file /opt/certs/nanopi.hetao.me/ca.cer
编辑文件/etc/systemd/journal-remote.conf,内容为
[Remote]
Seal=false
SplitMode=host
ServerKeyFile=/opt/certs/nanopi.hetao.me/nanopi.hetao.me.key
ServerCertificateFile=/opt/certs/nanopi.hetao.me/fullchain.cer
TrustedCertificateFile=/opt/certs/nanopi.hetao.me/ca.cer启动服务
systemctl start systemd-journal-remote.service
-
设置客户端
添加用户
adduser --system --home /run/systemd --no-create-home --disabled-login --group systemd-journal-upload
申请证书acme.sh --issue --dns dns_pdns -d ros.hetao.me acme.sh --installcert -d ros.hetao.me --cert-file /opt/certs/ros.hetao.me/ros.hetao.me.cer --key-file /opt/certs/ros.hetao.me/ros.hetao.me.key --fullchain-file /opt/certs/ros.hetao.me/fullchain.cer --ca-file /opt/certs/ros.hetao.me/ca.cer
申请证书的时候服务端和客户端的证书CA要一样,而且签名算法要一致,比如同为RSA或ECC算法。可 以是公共证书也可以是私有证书,重点是CA要完全一样。
编辑文件/etc/systemd/journal-upload.conf,内容为
[Upload]
URL=https://nanopi.hetao.me:19532
ServerKeyFile=/opt/certs/ros.hetao.me/ros.hetao.me.key
ServerCertificateFile=/opt/certs/ros.hetao.me/fullchain.cer
TrustedCertificateFile=/opt/certs/ros.hetao.me/ca.cer重启服务
systemctl restart systemd-journal-upload.service
-
测试
客户端执行
logger -p syslog.debug "### TEST MESSAGE from hetao.me ###"
然后在服务端查看日志journalctl -f -n 20 --file=/var/log/journal/remote/remote-CN=ros.hetao.me.journal
关于证书申请部分要根据自己的情况来,只要保证CA一致就行
Views: 115