Manage logs with Symfony and Graylog

keized

Kevin Fiseneck

Posted on July 5, 2022

Manage logs with Symfony and Graylog

Logging with Symfony - Graylog

Docker-compose configuration

Graylog need elasticsearch and mongodb to store and index data.
Let's create our docker-compose file:


version: '3.7'

services:
    #[...]

     elasticsearch:
        image: docker.elastic.co/elasticsearch/elasticsearch:7.12.1
        environment:
            - node.name=elasticsearch
            - cluster.name=docker-cluster
            - bootstrap.memory_lock=true
            - discovery.type=single-node
            - xpack.security.enabled=false
            - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
        ulimits:
            memlock:
                soft: -1
                hard: -1
        volumes:
            - esdata:/usr/share/elasticsearch/data
        ports:
            - 9200:9200
    mongodb:
        image: "mongo:4.2"
        restart: always

    graylog:
        image: "graylog/graylog:4.3.2"
        depends_on:
            -   elasticsearch
            -   mongodb
        entrypoint: "/usr/bin/tini -- wait-for-it elasticsearch:9200 --  /docker-entrypoint.sh"
        environment:
            GRAYLOG_PASSWORD_SECRET: somepasswordpepper
            # to generate a password hash, type: echo -n admin | shasum -a 256
            GRAYLOG_ROOT_PASSWORD_SHA2: 8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918
            GRAYLOG_HTTP_BIND_ADDRESS: "0.0.0.0:9001"
            GRAYLOG_HTTP_EXTERNAL_URI: "http://localhost:9001/"
            GRAYLOG_ELASTICSEARCH_HOSTS: "http://elasticsearch:9200"
            GRAYLOG_MONGODB_URI: "mongodb://mongodb:27017/graylog"
        ports:
            - "5044:5044/tcp"   # Beats
            - "5140:5140/udp"   # Syslog
            - "5140:5140/tcp"   # Syslog
            - "5555:5555/tcp"   # RAW TCP
            - "5555:5555/udp"   # RAW TCP
            - "9001:9001/tcp"   # Server API
            - "12201:12201/tcp" # GELF TCP
            - "12201:12201/udp" # GELF UDP
            - "13301:13301/tcp" # Forwarder data
            - "13302:13302/tcp" # Forwarder config
volumes:
    esdata:
Enter fullscreen mode Exit fullscreen mode

Install Monolog on your project

Monolog bundle integrates Monolog into Symfony, it comes with many handlers like slack, elasticsearch and Graylog

composer require symfony/monolog-bundle
Enter fullscreen mode Exit fullscreen mode

Install the gelf implementation in php

composer require graylog2/gelf-php
Enter fullscreen mode Exit fullscreen mode

Now go to the /config/packages/dev/monolog.yaml

As you can see the there are 2 handlers:
- "streams" write all logs into a file
- "console" allow you to see logs on your terminal when you execute a task with the option -vvv

Now add the new handler to send all logs in graylog:

monolog:
    handlers:
        # [...]
        graylog:
            type: gelf
            publisher:
                hostname: "%env(GRAYLOG_HOST)%"
                port: "%env(GRAYLOG_PORT)%"
            level: debug
Enter fullscreen mode Exit fullscreen mode

Then add this 2 new env variable in your .env file

#[...]
GRAYLOG_HOST=localhost
GRAYLOG_PORT=12201
Enter fullscreen mode Exit fullscreen mode

Configure a new input in graylog

Go to http://localhost:9001/ then connect you with the credentials: admin/admin

Then go to System/Inputs, select "GELF UDP" then click on launch input.

Test

Go to your website then go back to your graylog dashboard, now you can see all the logs :)

💖 💪 🙅 🚩
keized
Kevin Fiseneck

Posted on July 5, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related