Security log configuration
User configuration of the security logging system is defined in the following file:
/etc/saymon/logger.json
Categories
{
"categories": {
"Default": "Info",
"MyActor": "Error",
"MyOtherActor": "Debug"
}
...
}
Section/Parameter | Description | ||
---|---|---|---|
categories.<category-name> |
Minimal log level for this category.
Possible log levels:
|
Channels
This section allows you to define log channel settings.
You can define multiple transport modules for each channel for simultaneous delivery in multiple log storage systems.
channels {
...
"session": [
//Send logs to the server via UDP
{
"type": "udp",
"options": {
"server": "localhost:514"
}
},
// Send logs to Kafka
{
"type": "kafka",
"options": {
"server": "localhost:9092",
"topic": "LOG_SESSION"
}
}
],
...
}
By default, the system has a default channel. You don’t need to specify its settings in the configuration file, unless you want to override its default behavior (sending events to the console).
|
Section/Parameter | Description |
---|---|
channels.<channel-name>.type |
|
channels.<channel-name>.options |
Transport module configuration. Depends on its type. |
UDP
Section/Parameter | Description |
---|---|
options.server |
UDP server address . System accepts the following address formats:
|
Kafka
Section/Parameter | Description |
---|---|
options.server |
Kafka server address. System accepts the following address formats:
|
options.topic |
Kafka topic, where the events are sent. |
Console
Section/Parameter | Description |
---|---|
options.level |
Minimal log level that is shown in the console output. By default – |
options.stderrLevels |
List of log levels that need to output in stderr, and not in stdout. For example |
options.colorize |
Colorize log levels in the output. By default – |
options.prettyPrint |
Format the console output. By default – |