Due to compliance issues, there is a need to store all tomcat logs for at least 6 months on a central server.
Is there a way to send the logs to rsyslog server or any other mechanism that will accomplish the task. I tried changing CATALINA_OUT to /var/log/syslog, and it does record it in the file however rsyslog-mysql does not pick it up.
Short of sending the logs to a remote host, what are some ways to move the logs automatically besides using rsync, cron, scp
Here is an interesting thread about your question. If this really leads to a solution is not sure. A working approach is to output to stdout and pipe that to
logger- but this is not a "clean" solution.Check out Splunk
http://www.splunk.com
Here is some information about how you can set archive policies:
http://docs.splunk.com/Documentation/Splunk/4.2.5/Admin/Setaretirementandarchivingpolicy
I'm not sure what kind of compliance you are trying to meet but Splunk has some great plugins - ex:
SEC http://www.splunk.com/view/sec-compliance/SP-CAAAGMQ
HIPPA http://www.splunk.com/view/hipaa-compliance/SP-CAAAGG6
PCI http://www.splunk.com/view/SP-CAAAFHB
Splunk!? That thing is so expensive. It's a good Thing, but an expensive one.
What you might get more of a kick out of is something like Logstash, or Graylog2
Logstash will pretty much do exactly what you want. It has an agent that can tail logfiles.
I wonder though.. What would happen if you pointed the catalina.out log entry at a FIFO pipe, then piped that through
logger(which writes to syslog)Check out this http://spredzy.wordpress.com/2013/03/02/monitor-your-cluster-of-tomcat-applications-with-logstash-and-kibana/