Description
Our standard gateway logs include events from both the Virtru processing in our Java stack and the standard Postfix logs. To make the gateway logs easier to follow when they are sent to a SIEM logging tool, we offer the ability to split them into separate files.
Configuration:
1. Make sure you are on Gateway 2.42.0 or above, and execute the commands below:
docker volume create split-logs
docker volume inspect split-logs
The inspect output includes the mountpoint, for example:
"Mountpoint": "/var/lib/docker/100000.100000/volumes/test/_data",
touch <your mountpoint>/gateway-logs.logs
touch <your mountpoint>/postfix-logs.logs
2. If you are using a namespaced user, update the ownership of the newly created log files:
chown <UID>:<UID> <your mountpoint>/gateway-logs.logs
chown <UID>:<UID> <your mountpoint>/postfix-logs.logs
The uid in the above case would be 100000.100000
Reference: Isolate containers with a user namespace
3. Add "-v split-logs:/gateway-logs" to your docker run command
4. Add the following locations to your env vars file:
POSTFIX_LOG_LOCATION=/gateway-logs/postfix-logs.logs
GATEWAY_LOG_LOCATION=/gateway-logs/gateway-logs.logs
5. Send a few test emails through the gateway to have logs written
You should then be able to cat <your mountpoint>/gateway-logs.logs and <your mountpoint>/postfix-logs.logs and see both sets of logs.
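Before pointing a SIEM forwarder at the two files, the setup from steps 1 to 5 can be checked from the Docker host. The script below is an added example, not Virtru tooling; the function name check_split_logs and its three arguments are hypothetical, and it assumes the env vars file holds plain KEY=value lines.

```shell
#!/bin/sh
# Added example (not part of the Virtru gateway): pre-flight check for split logs.
# Usage: check_split_logs <your mountpoint> <env vars file> <UID>
check_split_logs() {
    mp=$1; envfile=$2; want_uid=$3; rc=0
    for name in gateway-logs.logs postfix-logs.logs; do
        f="$mp/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING  $f"; rc=1; continue
        fi
        # The owner must be the UID the container writes as, otherwise the
        # gateway cannot append to the file and the SIEM sees nothing.
        uid=$(stat -c %u "$f" 2>/dev/null || stat -f %u "$f")
        if [ "$uid" != "$want_uid" ]; then
            echo "OWNER    $f is owned by uid $uid, expected $want_uid"; rc=1
        fi
        # An empty file is only a hint: no mail has passed through yet.
        [ -s "$f" ] || echo "EMPTY    $f (send a test email through the gateway)"
    done
    # Both variables must point at the container-side path of the volume.
    for pair in \
        POSTFIX_LOG_LOCATION=/gateway-logs/postfix-logs.logs \
        GATEWAY_LOG_LOCATION=/gateway-logs/gateway-logs.logs
    do
        if ! grep -qxF "$pair" "$envfile"; then
            echo "ENV      $pair not found in $envfile"; rc=1
        fi
    done
    return $rc
}

# Run the check only when called with all three arguments.
if [ "$#" -eq 3 ]; then
    check_split_logs "$@"
fi
```

A non-zero exit status means a file is missing, has the wrong owner, or one of the two variables is absent from the env vars file.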