blob: f9723dea89d7c7ec6ec81d1171aef2c9ac2b9b8b [file] [log] [blame] [raw]
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
This file is part of systemd.
Copyright 2014 Zbigniew Jędrzejewski-Szmek
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
<refentry id="systemd-journal-upload" conditional='HAVE_MICROHTTPD'
xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>systemd-journal-upload</title>
<productname>systemd</productname>
<authorgroup>
<author>
<contrib>Developer</contrib>
<firstname>Zbigniew</firstname>
<surname>Jędrzejewski-Szmek</surname>
<email>zbyszek@in.waw.pl</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>systemd-journal-upload</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv>
<refname>systemd-journal-upload</refname>
<refpurpose>Send journal messages over the network</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>systemd-journal-upload</command>
<arg choice="opt" rep="repeat">OPTIONS</arg>
<arg choice="opt" rep="norepeat">-u/--url=<replaceable>URL</replaceable></arg>
<arg choice="opt" rep="repeat">SOURCES</arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>
<command>systemd-journal-upload</command> will upload journal
entries to the URL specified with <option>--url</option>. Unless
limited by one of the options specified below, all journal
entries accessible to the user the program is running as will be
uploaded, and then the program will wait and send new entries
as they become available.
</para>
</refsect1>
<refsect1>
<title>Options</title>
<variablelist>
<varlistentry>
<term><option>-u</option></term>
<term><option>--url=<optional>https://</optional><replaceable>URL</replaceable></option></term>
<term><option>--url=<optional>http://</optional><replaceable>URL</replaceable></option></term>
<listitem><para>Upload to the specified
address. <replaceable>URL</replaceable> may specify either
just the hostname or both the protocol and
hostname. <constant>https</constant> is the default.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--system</option></term>
<term><option>--user</option></term>
<listitem><para>Limit uploaded entries to entries from system
services and the kernel, or to entries from services of
current user. This has the same meaning as
<option>--system</option> and <option>--user</option> options
for
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. If
neither is specified, all accessible entries are uploaded.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>-m</option></term>
<term><option>--merge</option></term>
<listitem><para>Upload entries interleaved from all available
journals, including other machines. This has the same meaning
as <option>--merge</option> option for
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>-D</option></term>
<term><option>--directory=<replaceable>DIR</replaceable></option></term>
<listitem><para>Takes a directory path as argument. Upload
entries from the specified journal directory
<replaceable>DIR</replaceable> instead of the default runtime
and system journal paths. This has the same meaning as
<option>--directory</option> option for
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--file=<replaceable>GLOB</replaceable></option></term>
<listitem><para>Takes a file glob as an argument. Upload
entries from the specified journal files matching
<replaceable>GLOB</replaceable> instead of the default runtime
and system journal paths. May be specified multiple times, in
which case files will be suitably interleaved. This has the same meaning as
<option>--file</option> option for
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--cursor=</option></term>
<listitem><para>Upload entries from the location in the
journal specified by the passed cursor. This has the same
meaning as <option>--cursor</option> option for
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--after-cursor=</option></term>
<listitem><para>Upload entries from the location in the
journal <emphasis>after</emphasis> the location specified by
the this cursor. This has the same meaning as
<option>--after-cursor</option> option for
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--save-state</option><optional>=<replaceable>PATH</replaceable></optional></term>
<listitem><para>Upload entries from the location in the
journal <emphasis>after</emphasis> the location specified by
the cursor saved in file at <replaceable>PATH</replaceable>
(<filename>/var/lib/systemd/journal-upload/state</filename> by default).
After an entry is successfully uploaded, update this file
with the cursor of that entry.
</para></listitem>
</varlistentry>
<xi:include href="standard-options.xml" xpointer="help" />
<xi:include href="standard-options.xml" xpointer="version" />
</variablelist>
</refsect1>
<refsect1>
<title>Exit status</title>
<para>On success, 0 is returned; otherwise, a non-zero
failure code is returned.</para>
</refsect1>
<refsect1>
<title>Examples</title>
<example>
<title>Setting up certificates for authentication</title>
<para>Certificates signed by a trusted authority are used to
verify that the server to which messages are uploaded is
legitimate, and vice versa, that the client is trusted.</para>
<para>A suitable set of certificates can be generated with
<command>openssl</command>:</para>
<programlisting>openssl req -newkey rsa:2048 -days 3650 -x509 -nodes \
-out ca.pem -keyout ca.key -subj '/CN=Certificate authority/'
cat &gt;ca.conf &lt;&lt;EOF
[ ca ]
default_ca = this
[ this ]
new_certs_dir = .
certificate = ca.pem
database = ./index
private_key = ca.key
serial = ./serial
default_days = 3650
default_md = default
policy = policy_anything
[ policy_anything ]
countryName = optional
stateOrProvinceName = optional
localityName = optional
organizationName = optional
organizationalUnitName = optional
commonName = supplied
emailAddress = optional
EOF
touch index
echo 0001 &gt;serial
SERVER=server
CLIENT=client
openssl req -newkey rsa:1024 -nodes -out $SERVER.csr -keyout $SERVER.key -subj "/CN=$SERVER/"
openssl ca -batch -config ca.conf -notext -in $SERVER.csr -out $SERVER.pem
openssl req -newkey rsa:1024 -nodes -out $CLIENT.csr -keyout $CLIENT.key -subj "/CN=$CLIENT/"
openssl ca -batch -config ca.conf -notext -in $CLIENT.csr -out $CLIENT.pem
</programlisting>
<para>Generated files <filename>ca.pem</filename>,
<filename>server.pem</filename>, and
<filename>server.key</filename> should be installed on server,
and <filename>ca.pem</filename>,
<filename>client.pem</filename>, and
<filename>client.key</filename> on the client. The location of
those files can be specified using
<varname>TrustedCertificateFile=</varname>,
<varname>ServerCertificateFile=</varname>,
<varname>ServerKeyFile=</varname>, in
<filename>/etc/systemd/journal-remote.conf</filename> and
<filename>/etc/systemd/journal-upload.conf</filename>,
respectively. The default locations can be queried by using
<command>systemd-journal-remote --help</command> and
<command>systemd-journal-upload --help</command>.</para>
</example>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd-journal-remote</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-journal-gatewayd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>