Starting with version 4.5.0, AxoSyslog can send data to Google Cloud Pub/Sub using its HTTP REST API.

Prerequisites

For details, see the Google Pub/Sub tutorial.

Configuration

To configure AxoSyslog, you’ll need the name of the project and the topic where you want to send your data.

Minimal configuration:

@include "scl.conf"
# ...

destination d_pubsub {
  google-pubsub(
    project("syslog-ng-project")
    topic("syslog-ng-topic")
    auth(
      service-account(
        key("/path/to/service-account-key.json")
      )
    )
  );
};

This driver is actually a reusable configuration snippet configured to send log messages using the http() driver using a template. You can find the source of this configuration snippet on GitHub.

Options

The following options are specific to the google-pubsub() destination. But since this destination is based on the http() destination, you can use the options of the http() destination as well if needed.

Note: The google-pubsub() destination automatically configures some of these http() destination options as required by the Google Pub/Sub API.

attributes()

Type: string
Default: "--scope rfc5424,all-nv-pairs --exclude MESSAGE"

Description: A JSON object representing key-value pairs for the Pub/Sub Event, formatted as AxoSyslog value-pairs. By default, the google-pubsub() destination sends the RFC5424 fields as attributes. If you want to send different fields, override the default template. By default, the message part is sent in the data() option.

auth()

Options for cloud-related authentication. Currently only the GCP Service Account authentication is supported.

Specify the JSON file storing the key to the service account like this:

auth(
    service-account(
      key("/path/to/service-account-key.json")
    )
  )

service-account()

Authenticate to a service account using Service Account Key-Based Authentication. This method works both inside and outside GCP It uses a service account key generated and downloaded through the GCP IAM & Admin console. The long-term service account key is used to generate short-term tokens for authentication (also called self-signed JWT).

audience()
Type: string
Default:
key()
Type: string (path)
Default:

Path to the service account key.

scope()
Type: string
Default:

Available in AxoSyslog version 4.15 and later.

URL for a scope claim for authentication instead of audience. For example:

  ...
  cloud-auth(
    gcp(
      service-account(
        key("/path/to/secret.json")
        scope("https://www.googleapis.com/auth/example-scope")
      )
    )
  )
token-validity-duration()
Type: integer (seconds)
Default: 3600

user-managed-service-account()

Available in AxoSyslog version 4.6 and later.

Authenticate to a user-managed service account of a GCP virtual machine using the VM Metadata Server Method. AxoSyslog interacts with the internal GCP metadata server, which provides an OAuth2 token for authentication. You can attach the default service accounts as well.

metadata-url()
Type: string
Default: http://metadata.google.internal/computeMetadata/v1/instance/service-accounts

The URL of the metadata server. When specifying the port, use the URL:port format.

name()
Type: string
Default: default

Name of the service account to use.

data()

Type: string/template
Default: "${MESSAGE}"

Description: The template to use as the data part of the Google Pub/Sub message.

project()

Type: string
Default: -

Description: The ID of the Google Cloud project where AxoSyslog sends the data. The Pub/Sub API must be enabled for the project.

topic()

Type: string
Default: -

Description: The name of the Google Pub/Sub topic where AxoSyslog sends the data.

service_endpoint()

Type: string
Default: https://pubsub.googleapis.com

The service endpoint for the Pub/Sub API where AxoSyslog sends the data. For a list of locational endpoints, see the official Pub/Sub APIs documentation.