1. Home
  2. Configurations
  3. Configuring the Trunc Logging Platform
Searching...

Configuring the Trunc Logging Platform

Trunc is a centralized logging platform designed to consolidate your system and application logs in one place. To get started, you’ll need to configure your system to send logs to Trunc. This guide will walk you through four different methods to do so:

  • Trunc Agent
  • Syslog
  • Rsyslog
  • Syslogd

Method 1: Using the Trunc Agent

The Trunc Agent is a lightweight tool that collects and sends logs to the Trunc platform. It supports multiple operating systems, including Linux, macOS, OpenBSD, and FreeBSD. All logs are encrypted using AES-128 with the key provided to you.

Step 1: Download and Install the Agent

$ wget https://trunc.org/downloads/trunc-logging-agent-0.5.tgz
$ tar -zxvf trunc-logging-agent-0.5.tgz
$ cd trunc-logging-agent
$ sudo ./install.sh [ip] [port] [key]

When you set up your account with Trunc, you’ll receive your unique [IP], [port], and [key] on your Account Settings page. These values are required for the agent configuration.

Step 2: Adding Log Files to the Agent

By default, the Trunc Agent will attempt to detect log files. If you need to manually add or update log sources, edit the configuration file:

Location: /etc/trunc-logging-agent.conf

To apply changes, stop the agent, update the file, and restart it.

Method 2: Using the Syslog Protocol

If you prefer not to use the Trunc Agent, you can leverage the Syslog protocol to send logs. Ensure you whitelist the server’s IP address in your Account Settings to allow incoming logs from your system.

Supported Syslog Daemons:

  • Rsyslog (default on many Linux distributions)
  • Syslogd

Method 3: Configuring Rsyslog

Rsyslog is commonly used on Linux distributions like Ubuntu and Debian.

  1. Open the Rsyslog configuration file:bashCopy codesudo nano /etc/rsyslog.conf
  2. Add the following line to forward logs to Trunc:lessCopy code*.* @[ip]:[port] Replace [ip] and [port] with the values provided in your Account Settings.
  3. Restart Rsyslog:bashCopy codesudo systemctl restart rsyslog

Method 4: Configuring Syslogd

If your server uses Syslogd, follow these steps:

  1. Open the Syslogd configuration file:bashCopy codesudo nano /etc/syslog.conf
  2. Add the following entry:lessCopy code*.* @[ip]:[port] Again, replace [ip] and [port] with the details from your Account Settings.
  3. Restart the Syslogd service:bashCopy codesudo systemctl restart syslog

Sending NGINX Logs to Trunc

NGINX can also forward logs using the Syslog protocol.

  1. Open your NGINX configuration file:bashCopy codesudo nano /etc/nginx/nginx.conf
  2. Add the following configuration:nginxCopy codeerror_log syslog:server=[IP]:[PORT] debug; access_log syslog:server=[IP]:[PORT],facility=local7,tag=nginx,severity=info;
  3. Restart NGINX:bashCopy codesudo systemctl restart nginx

By using any of these methods, you can effectively route your logs to the Trunc platform for centralized management and analysis.

Updated on November 13, 2024
Was this article helpful?
Yes No

Related Articles