Back to your phpLogCon instance
I have rsyslog configured to forward logging messages from several application servers to a central log server. It's a Ruby on Rails app and I'm using the SyslogLogger gem to talk to rsyslog. From time to time under moderate volume my application, or more accurately one or more of my application containers, begins to freeze. I haven't been able to pin down the cause, but I did notice a couple of interesting things related to rsyslog. Very soon before the application begins to experience problems the central log file (to which all app servers forward) stops updating. This has happened every time the application has had problems. On a lark I decided to disable rsyslog and instead use the native rails logging framework. Each time this change has completely cleared up all the problems on the site. Obviously this is a grossly unscientific observation but I just can't ignore the coincidence.
I'm thinking that I have borked the config of my installation to, somehow, cause this failure. Is it possible that I have configured rsyslog to somehow wait for a successful write to the log file instead of firing and forgetting? Am I required to create a local spool per http://www.rsyslog.com/doc-rsyslog_reli ... rding.html? Many thanks in advance.
This is the configuration for the host:
- Code: Select all
$ModLoad imtcp
$InputTCPServerRun 200
*.info;mail.none;authpriv.none;cron.none;my_app.none /var/log/messages
authpriv.* /var/log/secure
mail.* -/var/log/maillog
cron.* /var/log/cron
*.emerg *
uucp,news.crit /var/log/spooler
local7.* /var/log/boot.log
$outchannel my_app_rotate,/vol/logs/my_app.log,5242880,/usr/bin/loganalysis /vol/logs/my_app.log
!my_app
*.* $my_app_rotate
Each host then has this in rsyslog.conf
- Code: Select all
!my_app
*.* @@log_host:200
And I start rsyslogd on the central log host with SYSLOGD_OPTIONS="-t200 -m 0"
