Note:

• This tutorial requires access to Oracle Cloud. To sign up for a free account, see Get started with Oracle Cloud Infrastructure Free Tier.
• It uses example values for Oracle Cloud Infrastructure credentials, tenancy, and compartments. When completing your lab, substitute these values with ones specific to your cloud environment.

Automate a Custom Log Alert on Oracle Cloud Infrastructure Compute Linux using Oracle Cloud Infrastructure Logging

Introduction

In today’s cloud-centric world, effective monitoring and alerting are crucial to ensure the smooth operation of your applications and infrastructure. Proactive monitoring helps in identifying issues before they escalate, ensuring minimal downtime and optimal performance. In this tutorial, we will set up log monitoring and alerting without the need for tedious UI deployment and potential mistakes. This approach enhances automation and simplifies the management of both current and future deployments. For more information, see Custom Logs.

Objectives

We will collect and monitor Apache error logs. You can adapt this process for monitoring any logs that require constant attention. Since this tutorial provides Terraform code, you can reuse or modify it according to your specific requirements. This tutorial will guide you through setting up a comprehensive monitoring and alerting system using Oracle Cloud Infrastructure (OCI), Terraform, OCI Resource Manager, OCI Custom logs, OCI Connector Hub, and OCI Notifications.

We will create the following resources in Terraform, each with specific objectives:

• Dynamic Group: To give permission to the instances in a specific compartment.

• Oracle Cloud Infrastructure Identity and Access Management (OCI IAM) Policies: To grant the dynamic group access to use the logs of the instances.

• Log Groups and Logs with Agent Configurations: To read the logs from the instances. We will provide the details using parameters or variables. Depending on the input variables, custom logging will be created in the OCI Console.

• OCI Notifications Topic and Subscriptions: To receive notifications on log alerts.

• OCI Connector Hub: To pull the logs and push them to the notifications created in Terraform set up.

Prerequisites

• Access to an OCI tenancy with necessary permissions.

• Basic knowledge of Terraform and OCI.

• Check the OCI Compute Linux instance to ensure that the unified monitoring agent is installed and the custom log monitoring plugin is enabled For more information, see Installing the Agent.

• The Apache error log path or any log path which you want to define and alert.

Automate a Custom Log Alert

1. Log in to the OCI Console, go to Developer Services, Resource Manager, Stacks and click Create stack.

   

2. Download the Terraform file from here: custom_log_alerts.zip and upload it to the stack.

   

   

   

   

   

3. Enter the following information.

   • Existing compartment: This is where all resources will be deployed.Select the compartment where compute instances exist for log alerting.

   • Existing domain: This is Existing domain in the compartment.If not modified,Default domain is selected.

   • Label: Enter any keyword. This label gets prefixed to all resources created.

   • idcs_endpoint: This is the domain URL. To retrieve domain URL, go to the OCI Console and navigate to Identity, Domains.

   • email_endpoint: Enter email address to receive alerts.

   • Log_path: Any absolute path of logs which you want to alert. For example, for Apache error logs it will be /var/log/apache2/error.log.

   • parser: Select a related parser. For starters, select NONE by default. In this tutorial, select APACHE_ERROR parser for better visualization.

   

4. Select Run apply and click Create. Wait until the stack job state shows succeeded as shown in the following image. The stack will create respective dynamic groups, policies, log group, custom log, agentconfig, connector hub, notifications and email subscriptions.

   

   

5. (Optional) To check Apache logs from OCI Logging, go to the OCI Console and navigate to Observability and Management, Logging, select your compartment, click log name and Explore Log. This will be available only if there are new logs in the compute instance.

   

   

   

6. Final test is to see if the alerts are being notified using email, ensure to click Confirm Subscription to receive notifications. Generate logs on an ad hoc basis if needed for testing.

   

Next Steps

By completing this tutorial, you have successfully set up an automated monitoring and alerting system for Apache error logs on OCI using Terraform. This streamlined approach ensures real-time log visibility and immediate notifications for critical issues, enhancing your ability to maintain optimal application performance. You can now extend this setup to monitor any logs requiring constant attention, ensuring proactive management of your infrastructure

Acknowledgments

• Authors - Vishak Chittuvalapil (Senior Cloud Engineer), Samratha S P(Senior Cloud Engineer)

More Learning Resources

Explore other labs on docs.oracle.com/learn or access more free learning content on the Oracle Learning YouTube channel. Additionally, visit education.oracle.com/learning-explorer to become an Oracle Learning Explorer.

For product documentation, visit Oracle Help Center.

---

Title and Copyright Information

Automate a Custom Log Alert on Oracle Cloud Infrastructure Compute Linux using Oracle Cloud Infrastructure Logging

G11312-02

July 2024

Copyright ©2024,

Oracle and/or its affiliates.