Automating Agent and Log Forwarding to New Relic on Ubuntu

Page content

Automating Agent and Log Forwarding to New Relic on Ubuntu

In this post, we’ll walk through the steps to automate the installation and configuration of the New Relic Infrastructure agent on an Ubuntu system. Additionally, we’ll show how to dynamically configure log forwarding for all log files in the /var/log directory and its subdirectories.

This script has been tested on Ubuntu 22.04 LTS on ARM, but should work for other versions of Ubuntu. The script is designed to be run by user. You will need to comment out some of the validation outputs if you use it in automation.

Prerequisites

Before you start, you’ll need:

  1. Root access to your Ubuntu server.
  2. A New Relic account.
  3. Your New Relic license key.

Getting Your New Relic License Key

To find your New Relic license key:

  1. Log in to your New Relic account.
  2. Navigate to Account settings.
  3. Select API keys under the API keys section.
  4. Your license key will be listed under the API key section. Look for a key of type “INGEST - LICENSE”
  5. If you dont have an ingestion key, click on “Create a Key”, select you account id and license type of “INGEST - LICENSE”. Give it a good name and nodes.

Keep this key handy as you will need it to configure the New Relic Infrastructure agent.

Automating the Installation and Configuration

Here’s a script to automate the installation and configuration of the New Relic Infrastructure agent and to dynamically configure log forwarding for all *.log files in the /var/log directory and its subdirectories.

#!/bin/bash

# Check for root privileges
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root"
   exit 1
fi

# Define your New Relic license key
NEW_RELIC_LICENSE_KEY="MYKEY"

# Check if the license key is set
if [[ -z "$NEW_RELIC_LICENSE_KEY" ]]; then
    echo "New Relic license key is not set. Please set the NEW_RELIC_LICENSE_KEY variable."
    exit 1
fi

# Determine the version of the OS
. /etc/os-release
VERSION_CODENAME=${VERSION_CODENAME:-$(lsb_release -cs)}

# Update package lists
echo "Updating package lists..."
apt update

# Check if the New Relic repository is already added
REPO_FILE="/etc/apt/sources.list.d/newrelic-infra.list"
REPO_ENTRY="deb https://download.newrelic.com/infrastructure_agent/linux/apt/ $VERSION_CODENAME main"

if grep -Fxq "$REPO_ENTRY" "$REPO_FILE"; then
    echo "New Relic repository is already added."
else
    echo "Adding New Relic repository..."
    curl -Ls https://download.newrelic.com/infrastructure_agent/gpg/newrelic-infra.gpg | apt-key add -
    echo "$REPO_ENTRY" | tee -a "$REPO_FILE"
fi

# Install the New Relic agent and integrations
echo "Installing New Relic agent and integrations..."
apt update
apt install newrelic-infra -y

# Configure the New Relic agent
echo "Configuring New Relic agent..."
echo "license_key: $NEW_RELIC_LICENSE_KEY" | tee /etc/newrelic-infra.yml

# Configure log forwarding
echo "Configuring log forwarding..."
mkdir -p /etc/newrelic-infra/logging.d

# Scan for .log files and add them to the logs.yml
LOGGING_CONFIG="/etc/newrelic-infra/logging.d/logs.yml"
echo "logs:" | tee "$LOGGING_CONFIG"

find /var/log -type f -name "*.log" | while read -r LOG_FILE; do
    LOG_BASENAME=$(basename "$LOG_FILE")
    LOG_TYPE="generic"

    case "$LOG_BASENAME" in
        syslog)
            LOG_TYPE="system"
            ;;
        kern.log)
            LOG_TYPE="kernel"
            ;;
        auth.log)
            LOG_TYPE="auth"
            ;;
        apache2/access.log)
            LOG_TYPE="apache_access"
            ;;
        apache2/error.log)
            LOG_TYPE="apache_error"
            ;;
        dpkg.log)
            LOG_TYPE="dpkg"
            ;;
        apt/history.log)
            LOG_TYPE="apt_history"
            ;;
        faillog)
            LOG_TYPE="faillog"
            ;;
        btmp)
            LOG_TYPE="btmp"
            ;;
        mail.log)
            LOG_TYPE="mail"
            ;;
    esac

    cat <<EOL >> "$LOGGING_CONFIG"
  - name: $LOG_BASENAME
    file: $LOG_FILE
    attributes:
      logtype: $LOG_TYPE
EOL
done

# Validate the configuration file
echo "Validating the New Relic configuration file..."
cat /etc/newrelic-infra.yml

# Validate the configuration file
echo "Validating the New Relic log configuration file..."
cat /etc/newrelic-infra/logging.d/logs.yml

# Start and enable the New Relic agent service
echo "Starting and enabling New Relic agent service..."
systemctl restart newrelic-infra
systemctl enable newrelic-infra

# Verify the installation
echo "Verifying the installation... Press ctrl-c to exit"
systemctl status newrelic-infra

Explanation

  1. Check for Root Privileges: The script begins by ensuring it is run with root privileges.

  2. Define and Check New Relic License Key: The script requires the New Relic license key to be set. Make sure to replace MYKEY with your actual New Relic license key.

  3. Determine OS Version: It determines the OS version to correctly add the New Relic repository.

  4. Add New Relic Repository: The script adds the New Relic repository if it hasn’t been added already.

  5. Install New Relic Agent and Integrations: It installs the New Relic Infrastructure agent and necessary integrations.

  6. Configure New Relic Agent: The script creates the newrelic-infra.yml configuration file with the license key.

  7. Configure Log Forwarding:

    • It creates a directory for logging configurations.
    • Scans the /var/log directory and its subdirectories for all *.log files.
    • Dynamically generates entries in the logs.yml file for each log file found, categorizing some common log files with specific logtype attributes.
  8. Validate and Start New Relic Agent:

    • Validates the configuration file.
    • Restarts and enables the New Relic Infrastructure agent service.
    • Verifies the installation.

Conclusion

By using this script, you can automate the installation and configuration of the New Relic Infrastructure agent and dynamically set up log forwarding for all log files in the /var/log directory. This ensures that you have comprehensive logging coverage, making it easier to monitor and analyze your system’s logs in New Relic.

For more detailed information, you can refer to the official New Relic documentation.