loggr-syslog-agent job from loggregator-agent/5.3.7

Github source: 6c12a85 or master branch

Properties¶

aggregate_drains¶

Syslog server URLs that will receive the logs from all sources

Default

""

Example

syslog-tls://some-drain-1,syslog-tls://some-drain-1

blacklisted_syslog_ranges¶

A list of IP address ranges that are not allowed to be specified in syslog drain binding URLs.

Default

[]

Example

- end: 10.10.10.10
  start: 10.10.10.1

cache¶

batch_size¶

The batch size the syslog will request the Cloud Controller for bindings.

Default

1000

polling_interval¶

The interval at which the syslog will poll the Cloud Controller for bindings.

Default

15s

tls¶

ca_cert¶

When the syslog communicates with the Cloud Controller it must validate the Cloud Controller’s certificate was signed by a trusted CA. This is the CA trusted by the syslog for that communication.

cert¶

This certificate is sent to the Cloud Controller when initiating a connection. It must be signed by a CA that is trusted by the Cloud Controller.

cn¶

When the syslog communicates with the cache it must validate the Cloud Controller’s common name (CN) or subject alternative names (SANs) against the hostname or IP address used to initiate the connection. Most of the time this should be the hostname defined in api.url.

key¶

This is the private key for the certificate sent to the Cloud Controller when initiating a connection.

drain_ca_cert¶

The CA certificate for key/cert verification.

drain_skip_cert_verify¶

If set to true the SSL hostname validation will be disabled.

Default

false

enabled¶

Syslog agent is enabled on VM

Default

true

metrics¶

ca_cert¶

TLS CA cert to verify requests to metrics endpoint.

cert¶

TLS certificate for metrics server signed by the metrics CA

key¶

TLS private key for metrics server signed by the metrics CA

port¶

Port the agent uses to serve metrics and debug information

Default

14822

server_name¶

The server name used in the scrape configuration for the metrics endpoint

port¶

Port the agent is serving gRPC via mTLS

Default

3458

tls¶

ca_cert¶

TLS loggregator root CA certificate. It is required for key/cert verification.

cert¶

TLS certificate for syslog signed by the loggregator CA

cipher_suites¶

An ordered list of supported SSL cipher suites. Allowed cipher suites are TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384.

Default

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

key¶

TLS private key for syslog signed by the loggregator CA

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/loggr-syslog-agent/ directory (learn more).

• config/bpm.yml (from bpm.yml.erb)
• config/certs/cache_ca.crt (from cache_ca.crt.erb)
• config/certs/cache_client.crt (from cache_client.crt.erb)
• config/certs/cache_client.key (from cache_client.key.erb)
• config/certs/drain_ca.crt (from drain_ca.crt.erb)
• config/certs/loggregator_ca.crt (from loggregator_ca.crt.erb)
• config/certs/metrics.crt (from metrics.crt.erb)
• config/certs/metrics.key (from metrics.key.erb)
• config/certs/metrics_ca.crt (from metrics_ca.crt.erb)
• config/certs/syslog_agent.crt (from syslog_agent.crt.erb)
• config/certs/syslog_agent.key (from syslog_agent.key.erb)
• config/ingress_port.yml (from ingress_port.yml.erb)
• config/prom_scraper_config.yml (from prom_scraper_config.yml.erb)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• syslog-agent