Fluentd Notes.md 993 B
Fluentd Notes.md
Fluentd is part of Treasure Data. So the service name is td-agent.
systemctl status td-agent
Config file location:
/etc/td-agent/td-agent.conf
/etc/td-agent/config.d/zscaler.conf
Logs location:
/var/log/td-agent/td-agent.log
Fluentd is installed on afs-splunk-syslog-1 and nga-splunk-syslog-1. Fluentd will not start unless the directories specifid in the config file are created.
salt -L 'afs-splunk-syslog-1' cmd.run 'ls -larth /opt/syslog-ng/'
salt -L 'afs-splunk-syslog-1' cmd.run 'mkdir /opt/syslog-ng/zscaler_firewall/'
salt -L 'afs-splunk-syslog-1' cmd.run 'mkdir /opt/syslog-ng/zscaler_dns/'
salt -L 'afs-splunk-syslog-1' cmd.run 'chown td-agent:td-agent /opt/syslog-ng/zscaler_firewall/'
salt -L 'afs-splunk-syslog-1' cmd.run 'chown td-agent:td-agent /opt/syslog-ng/zscaler_dns/'
Folder structure changed!
salt -L 'afs-splunk-syslog-1' cmd.run 'tail /opt/syslog-ng/zscaler/web/log/2020-05-26/zscaler_web.2020-05-26T2020_0.log'