menu

Papertrail Solution for Rails Applications on ElasticBeanstalk

Papertrail is an awesome log aggregation service we’ve used for long time. There are many ways to send logs to Papertail service, but we found the following solution is the most straightforward and secure for Rails apps like ours.

  • Add remote_syslog_logger to Gemfile

gem 'remote_syslog_logger'
  • Configure logger in config/environments/production.rb

config.logger = ActiveSupport::TaggedLogging.new(RemoteSyslogLogger.new("localhost", 514, :program => ))
  • Create papertrail.config in .ebextensions folder with following content:

---
packages:
  yum:
    rsyslog-gnutls: []
files:
  "/etc/rsyslog.d/01-udp.conf":
     mode: "000640"
     owner: root
     group: root
     content: |
       $ModLoad imudp
       $UDPServerRun 514
  "/etc/rsyslog.d/02-papertrail-tls.conf":
     mode: "000640"
     owner: root
     group: root
     content: |
       $DefaultNetstreamDriverCAFile /etc/papertrail-bundle.pem # trust these CAs
       $ActionSendStreamDriver gtls # use gtls netstream driver
       $ActionSendStreamDriverMode 1 # require TLS
       $ActionSendStreamDriverAuthMode x509/name # authenticate by hostname
       $ActionSendStreamDriverPermittedPeer *.papertrailapp.com
container_commands:
  01_copy_ca_certs:
    command: cp ./.ebextensions/papertrail-bundle.pem /etc/papertrail-bundle.pem
  02_install_rsyslog_config:
    command: /bin/echo "*.* @@${SYSLOG_HOST}" > /etc/rsyslog.d/03-papertrail.conf
  03_restart_rsyslog:
    command: "/sbin/service rsyslog restart"
  • Download the latest Papertrail certificate into .ebextensions folder

curl https://papertrailapp.com/tools/papertrail-bundle.pem> .ebextensions/papertrail-bundle.pem
  • Configure SYSLOG_HOST environment variable for each deployment environment. If you use eb_deployer you can add a new option_settings such as:

- namespace: aws:elasticbeanstalk:application:environment
  option_name: SYSLOG_HOST
  value: logs2.papertrailapp.com:xxxx
  • Package, deploy and verify logs are sent to Papertrail

Basically the solution can be described as:

  • Rails app sending log directly to localhost rsyslog daemon using UDP protocol. UDP is a fire-and-forget protocol, so it helps improve logging performance.
  • Then syslog daemon forward logs to Papertrail syslog host using TCP with TLS encryption. Because production logs may have sensitive information we must deliver them through a reliable and secure channel.

sending logs

Reference: