Client-side failover
AxoSyslog can detect if the remote server of a network destination becomes inaccessible, and start sending messages to a secondary server. You can configure multiple failover servers, so if the secondary server becomes inaccessible as well, AxoSyslog switches to the third server in the list, and so on. If there are no more failover servers left, AxoSyslog returns to the beginning of a list and attempts to connect to the primary server.
The primary server is the address you provided in the destination driver configuration and it has a special role. AxoSyslog nominates this destination over the failover servers, and handles it as the primary address.
When AxoSyslog starts up, it always connects to the primary server first. In the failover() option there is a possibility to customize the failover modes.
Depending on how you set the failback() option, AxoSyslog behaves as follows:
-
round-robin mode: Iffailback()is not set, AxoSyslog does not attempt to return to the primary server even if it becomes available. In case the failover server fails, AxoSyslog attempts to connect the next failover server in the list in round-robin fashion.In the following example AxoSyslog handles the logservers in round-robin fashion if the primary logserver becomes inaccessible (therefore
failback()option is not set).destination d_network { network( "primary-server.com" port(601) failover( servers("failover-server1", "failover-server2") ) ); };-
failback mode: Iffailback()is set, AxoSyslog attempts to return to the primary server.After AxoSyslog connects a secondary server during a failover, it sends a probe every
tcp-probe-interval()seconds towards the primary server. If the primary logserver responds with a TCP ACK packet, the probe is successful. When the number of successful probes reaches the value set in thesuccessful-probes-required()option, AxoSyslog tries to connect the primary server using the last probe.Note
AxoSyslog always waits for the result of the last probe before sending the next message. So if one connection attempt takes longer than the configured interval, that is, it waits for connection time out, you may experience longer intervals between actual probes.In the following example AxoSyslog attempts to return to the primary logserver, as set in the
failback()option: it will check if the server is accessible everytcp-probe-interval()seconds, and reconnect to the primary logserver after three successful connection attempts.destination d_network_2 { network( "primary-server.com" port(601) failover( servers("failover-server1", "failover-server2") failback( successful-probes-required() tcp-probe-interval() ) ) ); };
-
If AxoSyslog is restarted, it attempts to connect the primary server.
If AxoSyslog uses TLS-encryption to communicate with the remote server, AxoSyslog checks the certificate of the failover server as well. The certificates of the failover servers should match their domain names or IP addresses — for details, see Encrypting log messages with TLS. Note that when mutual authentication is used, the AxoSyslog client sends the same certificate to every server.
The primary server and the failover servers must be accessible with the same communication method: it is not possible to use different destination drivers or options for the different servers.
Note
Client-side failover works only for TCP-based connections (including TLS-encrypted connections), that is, the syslog() and network() destination drivers (excluding UDP transport).
Client-side failover is not supported in the sql() driver, even though it may use a TCP connection to access a remote database.
For details on configuring failover servers, see network() destination options and syslog() destination options.