Join Log in
Score:0
Илья Бугримов avatar Server

php-fpm access log to rsyslog

do flag
Илья Бугримов

I am trying to find a solution for getting logs from php72 php-fpm yii2 application behind nginx on several numbers of servers: at now application writes its logs to files on server disk, yii performs rotation of log files.

But this solution requires fast and large disks that costs $$ and getting logs in one place with shared dir - another problem because acessing files from several servers causes individual log lines to be fragmented.

At the moment I began using promtail/loki, but promtail need to be running on the server with application and gives additional overhead for configuration and operate.

Here comes (I was thought) old good rsyslog, but all my attempts to get access logs from php-fpm failed:

  • getting all rsyslog lines to central promtail, not without problems, but it works,
  • getting log to rsyslog from pure php-cli scripts - ok,
  • yii-scripts - some lack of succes,
  • php-fpm - no one: no access logs, no error logs dont get to (r)syslog

what I relied on:

https://www.yiiframework.com/doc/api/2.0/yii-log-syslogtarget#$levels-detail

https://bugs.php.net/bug.php?id=76229

https://bugs.php.net/bug.php?id=67764

https://bugs.php.net/bug.php?id=79342

nginx / php-fpm error logging

My configs:

/etc/php.ini

;error_log = syslog # if change fpm writes nothing to syslog

/etc/php-fpm.conf

error_log = syslog
syslog.facility = local0
syslog.ident = php-fpm
log_level = notice # debug mode results in a constant stream of lines about child processes spawning

/etc/php-fpm.d/site.conf

php_admin_flag[log_errors] = on
php_admin_value[auto_prepend_file] = /etc/php-fpm.d/prepare_log.php
;php_admin_value[syslog.facility] = local0 # if uncomment php cannot change admin flag value
;php_admin_value[syslog.ident] = php-fpm-$pool # if uncomment php cannot change admin flag value
access.log = syslog
slowlog = syslog
;php_admin_value[error_log] = /var/log/php-fpm/$pool-error.log
;php_admin_value[error_log] = syslog # if uncomment php cannot change admin flag value

/etc/php-fpm.d/prepare_log.php

<?php
        openlog('php', LOG_NOTICE, LOG_LOCAL3);

/etc/rsyslog.conf

$ModLoad imuxsock 
$ModLoad imjournal
...
*.* action(type="omfwd" protocol="tcp" target="promtail.localdomain" port="1514" Template="RSYSLOG_SyslogProtocol23Format" TCP_Framing="octet-counted" KeepAlive="on")

There is exists any solutions for such problem without writing logs to the files and read from them? Maybe I dont get things right, maybe I need to look at docker/kubernetes mechanics to get logs, maybe there is a library to write directly to syslog/promtail that doesn't require a lot of application code change

735
0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.