LogFWD (REC-48)

[REC-52] Rsyslog Target Created: 26/Aug/19  Updated: 15/Oct/19

Status: To Do
Project: Radio Edge Cloud
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Sub-task Priority: Medium
Reporter: Deepak Kataria Assignee: Naga Sugguna
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PDF File rsyslog-test-cases-v1.pdf    

 Comments   
Comment by Ferenc Argay [ 15/Oct/19 ]

Hi Deepak,

A general question: are these manual or automated test cases?

TC4: Do you plan to check the used encryption from a security point of view?

Regarding the description, some test cases seem to be configuration steps. Are these really TCs? (TC4, TC6, TC9)

Comment by Ferenc Tóth [ 15/Oct/19 ]

REC does not have any rsyslog embedded.

Currently the logs flow like this:

Containers stdout/-err > Docker logs to files > Fluentd reads the log files and forwards the log entries according to log forwarding rules (by default `kube-system` goes to ElasticSearch into `caas` indices) > ElasticSearch

Custom log forwarding rules can specify any rsyslog target, but in that case the application has to bring its rsyslog solution; it is not part of REC.

Comment by Deepak Kataria [ 09/Oct/19 ]

Attached more background and test cases on rsyslog. Please review.

Comment by Deepak Kataria [ 04/Oct/19 ]

The intention is to test the end-to-end pipeline of log generation, log parsing, log filtering, log transport, log buffering, log routing and log store capabilities provided by rsyslog. 

Comment by Krisztián Lengyel [ 04/Oct/19 ]

This is a generic description about the rsyslog component; what is the intention?

Comment by Deepak Kataria [ 02/Oct/19 ]

Rsyslog is an open-source software utility for forwarding log messages in an IP network. It implements the basic syslog protocol, extends it with content-based filtering, rich filtering capabilities, flexible configuration options and adds features such as using TCP for transport (UDP was already supported) and TLS. The official RSYSLOG website defines the utility as "the *r*ocket-fast *sys*tem for *log* processing". Full documentation can be found at: http://www.rsyslog.com/doc

Configuration files for rsyslog can be found at: /etc/rsyslog.conf

The "default" log file for most messages is at: /var/log/messages

The information provided by the originator of a syslog message includes 2 parts: the facility code and the severity level. The syslog software adds information to the information header before passing the entry to the syslog receiver. Such components include an originator process ID, a timestamp, and the hostname or IP address of the device.

Messages enter rsyslog with the help of input modules. Then, they are passed to a ruleset, where rules are conditionally applied. When a rule matches, the message is transferred to an action, which writes it to a file, database or forwards it to a remote host. The ruleset and actions are defined in the rsyslogd configuration file - /etc/rsyslog.conf
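Added example, not part of the ticket or its comments and not REC or rsyslog code: a small Python model of the facility/severity header and the rule-then-action flow described in the comment above, usable as a reference when checking parsed fields in a log-parsing test case. The rule list, the action labels `file:auth.log` and `forward:remote-host`, the host names and the sample lines are assumptions constructed for illustration, and real rsyslog rulesets have further semantics (for example `stop`) that this model omits.

```python
import re

# Facility and severity names by numeric code (RFC 5424, section 6.2.1).
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv "
              "ftp ntp audit alert clock local0 local1 local2 local3 local4 "
              "local5 local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()

# RFC 3164 style line: <PRI>Mmm dd hh:mm:ss host tag[pid]: text
LINE = re.compile(r"<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) "
                  r"([^\s:\[]+)(?:\[(\d+)\])?: ?(.*)")

def parse(line):
    """Split one syslog line into header fields; raise ValueError if malformed."""
    m = LINE.fullmatch(line)
    if m is None:
        raise ValueError("not an RFC 3164 style line")
    pri = int(m.group(1))
    if pri > 191:  # 23 * 8 + 7 is the largest valid PRI value
        raise ValueError("PRI out of range: %d" % pri)
    facility, severity = divmod(pri, 8)  # PRI = facility * 8 + severity
    return {"facility": FACILITIES[facility], "severity": severity,
            "severity_name": SEVERITIES[severity], "timestamp": m.group(2),
            "host": m.group(3), "tag": m.group(4),
            "pid": int(m.group(5)) if m.group(5) else None,
            "text": m.group(6)}

# Hypothetical ruleset: (condition, action label). Every matching rule fires.
RULES = [
    (lambda e: e["facility"] in ("auth", "authpriv"), "file:auth.log"),
    (lambda e: e["severity"] <= 3, "forward:remote-host"),
    (lambda e: True, "file:/var/log/messages"),
]

def route(line, rules=RULES):
    """Return the action labels whose condition matches the parsed line."""
    entry = parse(line)
    return [action for cond, action in rules if cond(entry)]

# Constructed sample lines (not taken from any real system).
SAMPLES = [
    "<34>Oct 11 22:14:15 edge1 su[230]: 'su root' failed for user1",
    "<165>Aug 26 09:00:01 edge2 app: worker started",
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(parse(s)["facility"], parse(s)["severity_name"], route(s))
```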

Generated at Sat Feb 10 06:04:43 UTC 2024 using Jira 9.4.5#940005-sha1:e3094934eac4fd8653cf39da58f39364fb9cc7c1.