• /
  • Log in
  • Free account

Fluentd plugin for log forwarding

If your log data is already being monitored by Fluentd, you can use our Fluentd integration to forward and enrich your log data in New Relic.

Forwarding your Fluentd logs to New Relic will give you enhanced log management capabilities to collect, process, explore, query, and alert on your log data.

Basic process

To enable log management capabilities:

  1. Make sure you have:
  1. Install the Fluentd plugin.
  2. Configure the Fluentd plugin.
  3. If applicable, configure EU endpoint
  4. Test the Fluentd plugin.
  5. Generate some traffic and wait a few minutes, then check your account for data.

Install the Fluentd plugin

To install the Fluentd plugin:

Configure the Fluentd plugin

Tip

If you're configuring Fluentd for the first time, you may find it helpful to review our collection of pre-built configuration files addressing common use cases.

To configure your Fluentd plugin:

  1. In your fluent.conf file, or td-agent.conf if using the td-agent, add the following block of data, replacing the placeholder text with your New Relic license key:
#Tail one or more log files
<source>
  @type tail
  <parse>
    @type none
  </parse>
  path /path/to/file
  tag example.service
</source>

#Add hostname and service_name to all events with "example.service" tag
<filter example.service>
  @type record_transformer
  <record>
    service_name ${tag}
    hostname "#{Socket.gethostname}"
  </record>
</filter>

#Forward all events to New Relic
<match **>
  @type newrelic
  license_key YOUR_LICENSE_KEY
</match>
  1. Restart the Fluentd service to ensure your changes are applied.

Configure the Fluentd Plugin for EU accounts

By default the Fluentd plugin forwards logs to New Relic's US endpoint: https://log-api.newrelic.com/log/v1. If your account is in New Relic's EU data center, you must manually set the base_uri property to the EU endpoint. For example:

#Tail one or more log files
<source>
  @type tail
  <parse>
    @type none
  </parse>
  path /path/to/file
  tag example.service
</source>

#Add hostname and service_name to all events with "example.service" tag
<filter example.service>
  @type record_transformer
  <record>
    service_name ${tag}
    hostname "#{Socket.gethostname}"
  </record>
</filter>

#Forward all events to New Relic EU Endpoint
<match **>
  @type newrelic
  license_key YOUR_LICENSE_KEY
  base_uri https://log-api.eu.newrelic.com/log/v1
</match>

Test the Fluentd plugin

To test if your Fluentd plugin is receiving input from a log file:

  1. Run the following command to append a test log message to your log file:
echo "test message" >> /PATH/TO/YOUR/LOG/FILE
  1. Search the New Relic Logs UI for test message.

View log data

If everything is configured correctly and your data is being collected, you should see data logs in both of these places:

SELECT * FROM Log

If no data appears after you enable our log management capabilities, follow our standard log troubleshooting procedures.

Tune up log Fluentd buffer

By default, the plugin sends logs to New Relic One every five seconds. If you want to change this timing, add a <buffer> block to the configuration by following this example:

[...]

# Forward all events to New Relic EU Endpoint
<match **>
  @type newrelic
  license_key YOUR_LICENSE_KEY

  <buffer time>
    timekey 60s
  </buffer>
</match>

For more information, see the Fluentd documentation about buffer configurations.

What's next?

Explore logging data across your platform with the New Relic One UI.

For more help

If you need more help, check out these support and learning resources:

Create issueEdit page
Copyright © 2021 New Relic Inc.