Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@ssahani
ssahani authored May 16, 2024
1 parent 8e7a167 commit 721835b
Showing 1 changed file with 34 additions and 49 deletions.
83 changes: 34 additions & 49 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,73 +50,58 @@ systemd-netlogd reads configuration files named `/etc/systemd/netlogd.conf` and

**[NETWORK]** SECTION OPTIONS

The "[Network]" section only applies for UDP multicast address and Port:

The "[Network]" section only applies for UDP multicast address and Port:
Address=
Controls whether log messages received by the systemd daemon shall be forwarded to a unicast UDP address or multicast UDP network group in syslog RFC 5424 format. The the address string format is similar to socket units. See systemd.socket(1)

Address=
Controls whether log messages received by the systemd daemon shall be forwarded
to a unicast UDP address or multicast UDP network group in syslog RFC 5424 format.
Protocol=
Specifies whether to use udp, tcp, tls or dtls (Datagram Transport Layer Security) protocol. Defaults to udp.

The the address string format is similar to socket units. See systemd.socket(1)
LogFormat=
Specifies whether to use RFC 5424 format or RFC 3339 format. Takes one of rfc5424 or rfc3339. Defaults to rfc5424.

Protocol=
Specifies whether to use udp, tcp, tls or dtls (Datagram Transport Layer Security) protocol. Defaults to udp.
Directory=
Takes a directory path. Specifies whether to operate on the specified journal directory DIR instead of the default runtime and system journal paths.
Namespace=
Takes a journal namespace identifier string as argument. If not specified the data collected by the default namespace is shown. If specified shows the log data of the specified namespace instead. If the namespace is specified as "*" data from all namespaces is shown, interleaved. If the namespace identifier is prefixed with "+" data from the specified namespace and the default namespace is shown, interleaved, but no other

LogFormat=
Specifies whether to use RFC 5424 format or RFC 3339 format. Takes one of rfc5424 or rfc3339. Defaults to rfc5424.
ConnectionRetrySec=
Specifies the minimum delay before subsequent attempts to contact a Log server are made. Takes a time span value. The default unit is seconds, but other units may be specified, see systemd.time(5). Defaults to 30 seconds and must not be smaller than 1 second.

Directory=
Takes a directory path. Specifies whether to operate on the specified journal directory DIR instead of the default runtime and system journal paths.
TLSCertificateAuthMode=
Specifies whether to validate the certificate. Takes one of no, allow, deny, warn. Defaults to 'no' which disables certificate validation.

Namespace=
Takes a journal namespace identifier string as argument. If not specified the data collected by the default namespace is shown. If specified
shows the log data of the specified namespace instead. If the namespace is specified as "*" data from all namespaces is shown, interleaved.
If the namespace identifier is prefixed with "+" data from the specified namespace and the default namespace is shown, interleaved, but no other
KeepAlive=
Takes a boolean argument. If true, the TCP/IP stack will send a keep alive message after 2h (depending on the configuration of /proc/sys/net/ipv4/tcp_keepalive_time) for all TCP streams accepted on this socket. This controls the SO_KEEPALIVE socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Defaults to false.

ConnectionRetrySec=
Specifies the minimum delay before subsequent attempts to contact a Log server are made.
Takes a time span value. The default unit is seconds, but other units may be specified,
see systemd.time(5). Defaults to 30 seconds and must not be smaller than 1 second.
KeepAliveTimeSec=
Takes time (in seconds) as argument. The connection needs to remain idle before TCP starts sending keepalive probes. This controls the TCP_KEEPIDLE socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Default value is 7200 seconds (2 hours).

TLSCertificateAuthMode=
Specifies whether to validate the certificate. Takes one of no, allow, deny, warn. Defaults to 'no' which disables certificate validation.
KeepAliveIntervalSec=
Takes time (in seconds) as argument between individual keepalive probes, if the socket option SO_KEEPALIVE has been set on this socket. This controls the TCP_KEEPINTVL socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Default value is 75 seconds.

KeepAlive=
Takes a boolean argument. If true, the TCP/IP stack will send a keep alive message after 2h (depending on the configuration of /proc/sys/net/ipv4/tcp_keepalive_time)
for all TCP streams accepted on this socket. This controls the SO_KEEPALIVE socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Defaults to false.
KeepAliveProbes=
Takes an integer as argument. It is the number of unacknowledged probes to send before considering the connection dead and notifying the application layer. This controls the TCP_KEEPCNT socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Default value is 9.

KeepAliveTimeSec=
Takes time (in seconds) as argument. The connection needs to remain idle before TCP starts sending keepalive probes. This controls the TCP_KEEPIDLE socket option (see socket(7)
and the TCP Keepalive HOWTO for details.) Default value is 7200 seconds (2 hours).
SendBuffer=
Takes an integer argument controlling the receive or send buffer sizes of this socket, respectively. This controls the SO_SNDBUF socket options (see socket(7) for details.). The usual suffixes K, M, G are supported and are understood to the base of 1024.

KeepAliveIntervalSec=
Takes time (in seconds) as argument between individual keepalive probes, if the socket option SO_KEEPALIVE has been set on this socket. This controls the TCP_KEEPINTVL
socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Default value is 75 seconds.

KeepAliveProbes=
Takes an integer as argument. It is the number of unacknowledged probes to send before considering the connection dead and notifying the application layer. This controls the
TCP_KEEPCNT socket option (see socket(7) and the TCP Keepalive HOWTO for details.) Default value is 9.

SendBuffer=
Takes an integer argument controlling the receive or send buffer sizes of this socket, respectively. This controls the SO_SNDBUF socket options (see socket(7) for details.). The usual suffixes K, M, G are supported and are understood to the base of 1024.

NoDelay=
Takes a boolean argument. TCP Nagle's algorithm works by combining a number of small outgoing messages, and sending them all at once.
This controls the TCP_NODELAY socket option (see tcp(7)). Defaults to false.
NoDelay=
Takes a boolean argument. TCP Nagle's algorithm works by combining a number of small outgoing messages, and sending them all at once. This controls the TCP_NODELAY socket option (see tcp(7)). Defaults to false.

Optional settings

StructuredData=
Meta information about the syslog message, which can be used for Cloud Based
syslog servers, such as Loggly
StructuredData=
Meta information about the syslog message, which can be used for Cloud Based syslog servers, such as Loggly

UseSysLogStructuredData=
A boolean. Specifies whether to extract SYSLOG_STRUCTURED_DATA= from journal. Defaults to false.
UseSysLogStructuredData=
A boolean. Specifies whether to extract SYSLOG_STRUCTURED_DATA= from journal. Defaults to false.

UseSysLogMsgId=
UseSysLogMsgId=
A boolean. Specifies whether to extract SYSLOG_MSGID= from journal. Defaults to false.


**EXAMPLE**

Example 1.UDP Multicast
Expand Down Expand Up @@ -184,7 +169,7 @@ Example 6. DTLS with certificate authentocation mode

Use case of ```UseSysLogStructuredData=``` and ```UseSysLogMsgId=```

```
```C
sd_journal_send(
"MESSAGE=%s", "Message to process",
"PRIORITY=%s", "4",
Expand Down

0 comments on commit 721835b

Please sign in to comment.