Syslog 日志驱动程序
目录
syslog 日志驱动程序将日志路由到 syslog 服务器。syslog 协议使用原始字符串作为日志消息,并支持有限的元数据。syslog 消息必须以特定方式格式化才能有效。从有效消息中,接收者可以提取以下信息:
- 优先级:日志级别,例如
debug,warning,error,info. - 时间戳:事件发生的时间。
- 主机名:事件发生的位置。
- 设施:记录消息的子系统,例如
mail或kernel。 - 进程名称和进程ID(PID):生成日志的进程的名称和ID。
格式定义在 RFC 5424 并且 Docker 的 syslog 驱动程序以下列方式实现了 ABNF 参考:
TIMESTAMP SP HOSTNAME SP APP-NAME SP PROCID SP MSGID
+ + + | +
| | | | |
| | | | |
+------------+ +----+ | +----+ +---------+
v v v v v
2017-04-01T17:41:05.616647+08:00 a.vm {taskid:aa,version:} 1787791 {taskid:aa,version:}用法
要将syslog驱动程序设置为默认的日志记录驱动程序,请在daemon.json文件中将log-driver和log-opt键设置为适当的值,该文件位于Linux主机上的/etc/docker/目录或Windows Server上的C:\ProgramData\docker\config\daemon.json。有关使用daemon.json配置Docker的更多信息,请参阅daemon.json。
以下示例将日志驱动程序设置为syslog并设置syslog-address选项。syslog-address选项支持UDP和TCP;此示例使用UDP。
{
"log-driver": "syslog",
"log-opts": {
"syslog-address": "udp://1.2.3.4:1111"
}
}重启Docker以使更改生效。
注意
log-opts配置选项在daemon.json配置文件中必须以字符串形式提供。因此,数字和布尔值(例如syslog-tls-skip-verify的值)必须用引号(")括起来。
您可以通过使用--log-driver标志为特定容器设置日志驱动程序,该标志用于docker container create或docker run:
$ docker run \
--log-driver syslog --log-opt syslog-address=udp://1.2.3.4:1111 \
alpine echo hello world
选项
以下日志选项作为syslog日志驱动程序的选项被支持。它们可以在daemon.json中设置为默认值,通过将它们作为键值对添加到log-opts JSON数组中。它们也可以在启动容器时通过为每个选项添加--log-opt 标志来为给定容器设置。
| Option | Description | Example value |
|---|---|---|
syslog-address | The address of an external syslog server. The URI specifier may be [tcp|udp|tcp+tls]://host:port, unix://path, or unixgram://path. If the transport is tcp, udp, or tcp+tls, the default port is 514. | --log-opt syslog-address=tcp+tls://192.168.1.3:514, --log-opt syslog-address=unix:///tmp/syslog.sock |
syslog-facility | The syslog facility to use. Can be the number or name for any valid syslog facility. See the
syslog文档. | --log-opt syslog-facility=daemon |
syslog-tls-ca-cert | The absolute path to the trust certificates signed by the CA. Ignored if the address protocol isn't tcp+tls. | --log-opt syslog-tls-ca-cert=/etc/ca-certificates/custom/ca.pem |
syslog-tls-cert | The absolute path to the TLS certificate file. Ignored if the address protocol isn't tcp+tls. | --log-opt syslog-tls-cert=/etc/ca-certificates/custom/cert.pem |
syslog-tls-key | The absolute path to the TLS key file. Ignored if the address protocol isn't tcp+tls. | --log-opt syslog-tls-key=/etc/ca-certificates/custom/key.pem |
syslog-tls-skip-verify | If set to true, TLS verification is skipped when connecting to the syslog daemon. Defaults to false. Ignored if the address protocol isn't tcp+tls. | --log-opt syslog-tls-skip-verify=true |
tag | A string that's appended to the APP-NAME in the syslog message. By default, Docker uses the first 12 characters of the container ID to tag log messages. Refer to the
日志标签选项文档 for customizing the log tag format. | --log-opt tag=mailer |
syslog-format | The syslog message format to use. If not specified the local Unix syslog format is used, without a specified hostname. Specify rfc3164 for the RFC-3164 compatible format, rfc5424 for RFC-5424 compatible format, or rfc5424micro for RFC-5424 compatible format with microsecond timestamp resolution. | --log-opt syslog-format=rfc5424micro |
labels | Applies when starting the Docker daemon. A comma-separated list of logging-related labels this daemon accepts. Used for advanced 日志标签选项. | --log-opt labels=production_status,geo |
labels-regex | Applies when starting the Docker daemon. Similar to and compatible with labels. A regular expression to match logging-related labels. Used for advanced
日志标签选项. | --log-opt labels-regex=^(production_status|geo) |
env | Applies when starting the Docker daemon. A comma-separated list of logging-related environment variables this daemon accepts. Used for advanced 日志标签选项. | --log-opt env=os,customer |
env-regex | Applies when starting the Docker daemon. Similar to and compatible with env. A regular expression to match logging-related environment variables. Used for advanced
日志标签选项. | --log-opt env-regex=^(os|customer) |