Loggly provides the infrastructure to aggregate and normalize log events so they are available to explore interactively, build visualizations, or create threshold-based alerting. In general, any method to send logs from a system or application to an external source can be adapted to send logs to Loggly. The following instructions provide one scenario for sending logs to Loggly.
When you add Cloudflare to your Apache configuration, your existing Loggly integration should not be affected. However, if your site uses custom access and error logs, you need to update your rsyslog Apache configuration file and, if desired, install an Apache module for Cloudflare to log visitor IP addresses on the original server.
Locate your Apache access and error log, typically stored in
/var/logor its sub-directories. Common paths include
If you cannot find the config log, try running
locate access.log access_log
/etc/rsyslog.d/21-apache.conffile, update the Apache access and error file paths to the custom log location.
For example, if your custom location for the Apache log file is located in
/var/log/apache2/custom-access.log, in the rsyslog Apache configuration file, change:
When Cloudflare is used on an Apache server, visitor IP addresses may display with Cloudflare addresses. To resolve this, follow the instructions to install the Apache module for Cloudflare. This module logs IP addresses from the original server instead of logging Cloudflare addresses.
Without that module enabled, the visitor addresses may be skewed, but the other log directives like user agents and data volume do not require any special configuration for the data to display correctly.