Sending logs via the FR agent¶
FusionReactor will send log files collected by the agent automatically, this will include all FusionReactor logs such as the request and resource logs, as well as any captured logs such as the catalina.out or coldfusion-out logs.
You also have the ability to allow FusionReactor to scrape any additional logs stored on the server, providing the user running FusionReactor can access these files.
!!note Sending logs via the FusionReactor agent is a simple way to send additional logs with limited configuration, however this is not a recommended approach to send large quantities of data as it can slow down the application.
How to scrape additional log files¶
Log scraping allows you to utilize the FusionReactor agent to send other logs contained from the same server. This could include application logs for ColdFusion, tomcat, Lucee or other application servers aswell as other processes such as Nginx, IIS, Database and more.
When scraping additional logs you want to ensure that multiple FusionReactor instances are not scraping the same files, for example if you have 3 instances on one machine scraping system files or stdout / stderr. While this will not cause errors, it will result in duplicate data.
To add scrape files, in the on-premise UI of FusionReactor go to Logging > Cloud Settings > Log Scraping.
Here you can specify a comma separated list of file paths including wildcards using the character:
!!note For certain platforms or Java versions you may be required to escape slashes within your paths, so C:\ColdFusion would become C:\ColdFusion
To send all logs for a tomcat server:
To send specifically the catalina.out log for a tomcat server:
To send just the CF exception and application log:
To send stdout and stderror:
To send all logs for a ColdFusion server
To send just the CF exception and application log on Windows:
To send the system logs
How to deploy an existing scrape config into other instances¶
The scrape configuration file will be stored under the cmconfig directory of a FusionReactor instance, under the path:
Going forward we plan to move the configuration options into the centralized reactor.conf file, however for the purposes of this beta you will be required to use this directory.
If you are scripting an installation, you can use something similar to the code below:
RUN mkdir /opt/fusionreactor/instance/tomcat//cmconfig/com/intergral/fusionreactor/plugin/observability/log/internal/scrape/config/ -p ADD ScrapeConfig.config /opt/fusionreactor/instance/tomcat//cmconfig/com/intergral/fusionreactor/plugin/observability/log/internal/scrape/config/ScrapeConfig.config
How to prevent logs from shipping¶
As mentioned above, logs generated by the FusionReactor agent are shipped automatically to the cloud with no additional configuration.
If you wish to exclude any of these logs sending, either for security or to reduce data volume in the cloud then similar to the scrape pattern you can add a regex pattern match for logs that will be blacklisted from sending.
An example pattern to exclude the osgi and plugin logs of FusionReactor:
You can blacklist logs under the Logging > Cloud Settings > Log Blacklist menu.
How to obfuscate logs sent via the FusionReactor agent¶
Logs generated by FusionReactor will not contain sensitive data such as passwords, credit card details or API keys by default, however if you choose to disable obfuscation in the UI or log JDBC queries then obfuscation on logs may be required.
Before logs are shipped to the cloud, you have the option to obfuscate log content to remove sensitive information and ensure your data is secure.
You can create multiple obfuscation rules, allowing obfuscation to occur on different file groups and text patterns.
|Description||Log Pattern||Regex Pattern||Replace Value|
|Remove any password in any log file||
|Remove any auth values from any access log||
|Remove any IP address in Nginx logs||
|Remove any credit card information from FusionReactor logs||
You can add obfuscation rules under Logging > Cloud Obfuscation Settings.