Skip to content

Sending logs via the FR agent

FusionReactor will send log files collected by the agent automatically, this will include all FusionReactor logs such as the request and resource logs, as well as any captured logs such as the catalina.out or coldfusion-out logs.

You also have the ability to allow FusionReactor to scrape any additional logs stored on the server, providing the user running FusionReactor can access these files.

!!note Sending logs via the FusionReactor agent is a simple way to send additional logs with limited configuration, however this is not a recommended approach to send large quantities of data as it can slow down the application.

How to scrape additional log files

Log scraping allows you to utilize the FusionReactor agent to send other logs contained from the same server. This could include application logs for ColdFusion, tomcat, Lucee or other application servers aswell as other processes such as Nginx, IIS, Database and more.

When scraping additional logs you want to ensure that multiple FusionReactor instances are not scraping the same files, for example if you have 3 instances on one machine scraping system files or stdout / stderr. While this will not cause errors, it will result in duplicate data.

To add scrape files, in the on-premise UI of FusionReactor go to Logging > Cloud Settings > Log Scraping.

Here you can specify a comma separated list of file paths including wildcards using the character:

!!note For certain platforms or Java versions you may be required to escape slashes within your paths, so C:\ColdFusion would become C:\ColdFusion

Linux Examples

To send all logs for a tomcat server: /opt/servers/tomcat/tc7/logs/*log To send specifically the catalina.out log for a tomcat server: /opt/servers/tomcat/tc7/logs/catalina.out To send just the CF exception and application log: /opt/coldfusion2018/cfusion/logs/exception.log,/opt/coldfusion2018/cfusion/logs/application.log To send stdout and stderror: /dev/std*

Windows Examples

To send all logs for a ColdFusion server C:\\ColdFusion2018\\cfusion\\logs\\*log To send just the CF exception and application log on Windows: C:\\ColdFusion2018\\cfusion\\logs\\exception.log,C:\\ColdFusion2018\\cfusion\\logs\\application.log To send the system logs C:\\WINDOWS\\system32\\config\\*log

How to deploy an existing scrape config into other instances

The scrape configuration file will be stored under the cmconfig directory of a FusionReactor instance, under the path: Instance_Path}/cmconfig/com/intergral/fusionreactor/plugin/observability/log/internal/scrape/config/ScrapeConfig.config

Going forward we plan to move the configuration options into the centralized reactor.conf file, however for the purposes of this beta you will be required to use this directory.

If you are scripting an installation, you can use something similar to the code below:

    RUN mkdir /opt/fusionreactor/instance/tomcat//cmconfig/com/intergral/fusionreactor/plugin/observability/log/internal/scrape/config/ -p
    ADD ScrapeConfig.config /opt/fusionreactor/instance/tomcat//cmconfig/com/intergral/fusionreactor/plugin/observability/log/internal/scrape/config/ScrapeConfig.config

How to prevent logs from shipping

As mentioned above, logs generated by the FusionReactor agent are shipped automatically to the cloud with no additional configuration.

If you wish to exclude any of these logs sending, either for security or to reduce data volume in the cloud then similar to the scrape pattern you can add a regex pattern match for logs that will be blacklisted from sending.

An example pattern to exclude the osgi and plugin logs of FusionReactor:

*/instance/log/*/plugin-*,*/instance/tc7/log/*/osgi.log

You can blacklist logs under the Logging > Cloud Settings > Log Blacklist menu.

How to obfuscate logs sent via the FusionReactor agent

Logs generated by FusionReactor will not contain sensitive data such as passwords, credit card details or API keys by default, however if you choose to disable obfuscation in the UI or log JDBC queries then obfuscation on logs may be required.

Before logs are shipped to the cloud, you have the option to obfuscate log content to remove sensitive information and ensure your data is secure.

You can create multiple obfuscation rules, allowing obfuscation to occur on different file groups and text patterns.

Description Log Pattern Regex Pattern Replace Value
Remove any password in any log file *.log .*passw.*[a-z]=.* passwordRedacted
Remove any auth values from any access log *access.log .*auth.*[a-z]=.* authRedacted
Remove any IP address in Nginx logs /opt/nginx/* .*client_ip\:.* ipRedacted
Remove any credit card information from FusionReactor logs /instance/tomcat/logs/* ^(?:4[0-9]{12}(?:[0-9]{3})? cardInfo

You can add obfuscation rules under Logging > Cloud Obfuscation Settings.