How do I collect logs from servers in a corporate intranet? - Log Service

Background information

For example, you deployed multiple servers in a corporate intranet, and the servers do not have access to the Internet. If you want to collect logs from the servers to Log Service for query and analysis, you can authorize one of the servers to access the Internet. Then, you can configure this server as a gateway server. This way, you can collect logs from the other servers to Log Service.

You can configure a reverse proxy server, such as NGINX, as the gateway server. NGINX is an open source and high-performance HTTP server and reverse proxy server. For more information, visit the official NGINX website.

Working principle

You can use a gateway server to collect logs from servers in a corporate intranet to Log Service. The following three types of endpoints are used when Logtail communicates with Log Service:

The endpoints that start with logtail. Format: logtail.${region}.log.aliyuncs.com. Example: logtail.cn-beijing.log.aliyuncs.com. This type of endpoint is used for communication that involves control-related requests.
The endpoints that start with a project name. Format: ${project_name}.${region}.log.aliyuncs.com. Example: project_example.cn-beijing.log.aliyuncs.com. This type of endpoint is used for communication that involves data-related requests.
The endpoints that start with ali-${region}-sls-admin. Format: ali-${region}-sls-admin.${region}.log.aliyuncs.com. Example: ali-cn-beijing-sls-admin.cn-beijing.log.aliyuncs.com. This type of endpoint is used to report monitoring data.

In the preceding formats, ${region} specifies the region of the project that is used, and ${project_name} specifies the name of the project.

Step 1: Enable anonymous write

Submit a ticket to enable anonymous write.

Step 2: Configure a gateway server

The following procedure describes how to use NGINX to configure a server that has access to the Internet in a corporate intranet as a gateway server:

Log on to the server that you want to configure as a gateway server.
Install NGINX.

For more information, see Install NGINX.

Add the following settings to the nginx.conf file.

By default, HTTP access is used. The following example uses the default settings. You must replace ${DNS server address} with the actual value.

   server {
        listen       80;
        server_name  *.log.aliyuncs.com;

        location / {
            resolver ${DNS server address};
            proxy_set_header  Host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_pass http://$host:80$request_uri;
            break;
       }
    }

Step 3: Bind the gateway server to the servers in the corporate intranet

After you configure the gateway server, you must bind the gateway server to the servers in the corporate intranet.

Log on to a server in the corporate intranet.
Install Logtail.
- To install Logtail on a Linux server, follow the instructions that are provided in Install Logtail on a Linux server.
- To install Logtail on a Windows server, follow the instructions that are provided in Install Logtail on a Windows server.
Configure DNS records.
In this example, dnsmasq and Linux are used.
1. Add the following script to the /etc/resolv.conf file to configure the local server as the DNS server:
```
nameserver 127.0.0.1
```
2. Add the following script to the /etc/dnsmasq.conf file to bind the gateway server to the local server:
  Replace ${IP address of the gateway server} with the actual value.
```
address=/.log.aliyuncs.com/${IP address of the gateway server}
```
Repeat Steps 1 to 3 to bind the gateway server to the other servers in the corporate intranet.

Step 4: Test network connectivity

Log on to a server in the corporate intranet.
Run the following commands.
In the following commands, ${region} specifies the region of the project that is used, and ${project_name} specifies the name of the project. Replace the variables with the actual values.
```
curl http://logtail.${region}.log.aliyuncs.com
```
```
curl http://${project_name}.${region}.log.aliyuncs.com
```
```
curl http://ali-${region}-sls-admin.${region}.log.aliyuncs.com                        
```
If information similar to the following code is returned, the network is connected:
```
null
```
Repeat Steps 1 to 2 to test the network connectivity for the other servers in the corporate intranet.

FAQ

If issues occur during collection, you can submit a ticket to contact technical support.

Log Service:How do I collect logs from servers in a corporate intranet?

Prerequisites