Configuring Logging

Using a central log-server allows receiving messages from Billing host and storing them in log files on another server.

Important:
1. Centralized logging was tested on RHEL 7 with rsyslogd on a server side.
2. If Billing is configured to write logs on a remote server but is not able to connect to the log server, or there is some other issue with writing logs there, Billing will not start.
3. No sensitive data will be logged, no matter which logging level is chosen. Personal data may be included into logs if local5, local6 or local7 level is chosen. It is not recommended to use levels greater than 4 for production systems. In case of using level greater than 4, you must implement necessary data protection (such as encryption) to be complaint with GDPR policy.

Configure the syslog server:
1. Locate the configuration file:
  
  /etc/rsyslog.conf
2. Provide UDP syslog reception by removing the # symbol for these lines:
  
  #$ModLoad imudp
  
  #$UDPServerRun 514
3. Allow UPD connections from Billing to the syslog server by entering the Billing IP address at this line:
  
  $AllowedSender UDP, 127.0.0.1, <pba_ip_address>
4. Restart the syslog server by executing:
```
service rsyslog restart
```
Configure logging on Billing side:
1. Open the Billing configuration file:
  
  /usr/local/bm/etc/ssm.conf.d/global.conf
2. Add the following strings to the [environment] section:
  
  SyslogAddress=<Address>
  
  SyslogPort=<Port>
  
  SyslogFacility=<Facility>
  
  where:
  - SyslogAddress is an IP (IPv4 or IPv6) address or hostname of the syslog server;
  - SyslogPort (optional): the port of syslog daemon on the syslog server (either a number or a name from /etc/services). The default value is 'syslog';
  - SyslogFacility(optional): the facility code that determines the level of logging messages. The default value is 23 (LOCAL7);
    
    Available values:
    - 0 kernel messages
    - 1 user-level messages
    - 2 mail system
    - 3 system daemons
    - 4 security/authorization messages
    - 5 messages generated internally by syslogd
    - 6 line printer subsystem
    - 7 network news subsystem
    - 8 UUCP subsystem
    - 9 clock daemon
    - 10 security/authorization messages
    - 11 FTP daemon
    - 12 NTP subsystem
    - 13 log audit
    - 14 log alert
    - 15 clock daemon
    - 16 local use 0 (local0)
    - 17 local use 1 (local1)
    - 18 local use 2 (local2)
    - 19 local use 3 (local3)
    - 20 local use 4 (local4)
    - 21 local use 5 (local5)
    - 22 local use 6 (local6)
    - 23 local use 7 (local7)
3. Restart the pba service by executing: /etc/init.d/pba restart
Configure the online store logging:
1. Open the log file:
  
  /usr/local/bm/templatestore/conf/params.inc
2. Add the following strings to the end of the <?php .. ?> section:
  
  $syslogAddress = <Address>;
  $syslogPort = <Port>;
  $syslogFacility = <Facility>;
  
  where
  - $syslogAddress is an IP address (IPv4 or IPv6) or hostname of the syslog server.
    
    Important: The value must be entered using single quotation marks, for example: $syslogAddress = 'syslog';
    To disable logging, set $syslogAddress = false; (without quotation marks);
  - $syslogPort (optional): the syslog daemon port on the syslog server; the value is either a number or name from /etc/services. The default value is 'syslog';
  - $syslogFacility (optional): a facility code that determines the level of logging messages. The default value is 23 (LOCAL7) facility codes description is provided above.
  Example:
  
  < ?php
  $SERVER_HOST = "127.0.0.1";
  $SERVER_PORT = 5224;
  $SECURE = false;
  $SECURITY_TOKEN = 1;
  $defaultStoreID = 1;
  
  $syslogAddress = false;
  $syslogPort = 514;
  $syslogFacility = 20;
  ?>
Test whether centralized logging is set up properly:
1. Connect to the syslog server using the hostname or address.
2. Locate the log file: /var/log/pa/billing.log
3. Check its content.