Recently Prometheus became one of the most used open source monitoring solutions. Quite a few people asked if a syslog-ng exporter is available. It is not part of syslog-ng, but there are numerous implementations available on GitHub. Now that Prometheus is part of the openSUSE Leap 15.2 release, which is the Linux distribution running on my laptop, I gave it a try.

From this blog, you can learn how to compile the syslog-ng exporter for Prometheus yourself and get it working with Prometheus. It is my first time compiling a Go application and using Prometheus, so these instructions might not be “best practice”, but they work ;-)

Before you begin

First, you need Prometheus up and running. On openSUSE it is as easy as:

zypper in golang-github-prometheus-prometheus
systemctl start prometheus.service

And it is ready to go. Package names on other distros might be different.

For initial testing I also installed the golang-github-prometheus-node_exporter package and started it with:

systemctl start prometheus-node_exporter.service

If you also installed and started this second package, then you should be able to see some nice metrics and graphs on port 9090 of the host where you installed Prometheus.

To be able to compile the syslog-ng exporter, you need a few development related packages. On openSUSE you need to install the packages called go and make.

Obviously you also need syslog-ng installed, the version number does not matter.

Compiling the syslog-ng exporter

First of all, you need to set up a go development environment. Well, this is probably an overstatement as we just create a few directories under the home directory and set up an environment variable for go, pointing to the directory structure we just created (change it to your actual path name):

cd
mkdir go
cd go
mkdir bin src
export GOPATH="/root/go"

Now we check out the source code from GitHub. The original can be found at https://github.com/brandond/syslog_ng_exporter and it mostly works, but does not list all sources and destinations. One of the users provided a fix for more recent syslog-ng versions, so we use that fork.

cd src
go get github.com/britcey/syslog_ng_exporter

You are now ready to change to the directory and build syslog_ng_exporter:

cd github.com/britcey/syslog_ng_exporter/
make build

Note that the command ends with a long error message. Still the binary is built and available in the go/bin directory together with two other binaries used while building syslog_ng_exporter:

localhost:~ # ls -l go/bin/
total 39828
-rwxr-xr-x 1 root root 12233685 Jul 21 11:51 govendor
-rwxr-xr-x 1 root root 14331225 Jul 21 11:51 promu
-rwxr-xr-x 1 root root 14214609 Jul 21 11:46 syslog_ng_exporter

You are now ready for testing!

Testing

First, you need to add a few lines to the Prometheus configuration. Open /etc/prometheus/prometheus.yml in your favorite text editor and append a few lines to the end of the configuration:

  - job_name: sng
    # syslog-ng from localhost.
    static_configs:
      - targets: ['localhost:9577']

Restart the Prometheus service for the configuration to take effect:

systemctl restart prometheus.service

Now start the syslog_ng_exporter. Make sure that the path to the syslog-ng control socket is correct:

./syslog_ng_exporter –socket.path="/run/syslog-ng.ctl"

You are now ready to check syslog-ng-related metrics in the Prometheus web interface. They start with “syslog_ng_” in the drop down menu. You should see something similar on your screen:

Prometheus syslog-ng

What is next

As you can see, the above instructions are good enough for testing but it is far from being production ready. Once you got the syslog_ng_exporter built and tested you need to distribute the binary to your Linux systems and make sure that they are started automatically. Luckily it does not have any external dependencies so I could run the binary I built on the latest openSUSE release on an aging CentOS 7 system as well.

If you have questions or comments related to syslog-ng, do not hesitate to contact us. You can reach us by email or even chat with us. For a list of possibilities, check our GitHub page under the “Community” section at https://github.com/syslog-ng/syslog-ng. On Twitter, I am available as @PCzanik.

Anonymous
Related Content