23-11-21

Configuring rbk-log to start on boot

In my last post, I made mention of the fact that the Linux binary we use to connect Polaris to your syslog collector doesn’t start at boot and if you log off will be killed. I thought about that and decided that it would be stupid not to note how to make it automatically start on boot. I mean, why would you not?

The process itself is not complicated. In days of old you would have used /etc/init.d to configure services, these days we use a process called systemd. There are a couple of tricks to getting the rbk-log tool to work as it requires either switches or environment variables, and as we used environment variables the last time round, I’m going to stick with that.

So what steps do we need to take to make the magic happen?

  • Download the rbk-log tool if you haven’t already
  • Save the file to a home directory and make it executable
  • Configure the syslog service locally
  • Create the systemd service definition file
  • Start the rbk-log service to make sure it starts properly
  • Enable the service to auto start on boot

Downloading the rbk-log tool

You can get this tool from the Rubrik Support website, under Downloads. See my Sentinel blog post prior to this to see where it lives.

Save the file to a home directory and make it executable

As I’m using Ubuntu on EC2 for this example, there is a user created during VM provisioning called ubuntu. As it has a home directory already created, I’d recommend dropping the tool in there. To make it executable, run chmod ugo+x rbk-log. If you do an ls -l, it should look like the following :-

Saving rbk-log and making it executable for all

Create the systemd service definition file

We then need to create a small configuration file for the rbk-log tool so that systemd knows how the service should run and what other information it needs to start successfully. To save time, I’ve copied my definition file below :-

[Unit]
Description=Rubrik Polaris Syslog Importer
After=network.target
StartLimitIntervalSec=0

[Service]
Type=simple
Restart=always
RestartSec=1
User=ubuntu
ExecStart=/home/ubuntu/rbk-log start
Environment="RUBRIK_POLARIS_ACCOUNT="<your-tenant-id>.my.rubrik.com""
Environment="RUBRIK_POLARIS_LOG_NETWORK="tcp""
Environment="RUBRIK_POLARIS_LOG_PORT="514""
Environment="RUBRIK_POLARIS_LOG_SERVER="localhost""
Environment="RUBRIK_POLARIS_PASSWORD="<your-polaris-password>""
Environment="RUBRIK_POLARIS_USERNAME="<your-polaris-login-email>""

[Install]
WantedBy=multi-user.target

The file itself should be pretty self explanatory, just copy the file and put it into /etc/systemd/system and name it rbk-log.service. The full path to the saved file should be /etc/systemd/system/rbk-log.service

You will then need to go in and check the ExecStart parameter to make sure the path to the rbk-log tool executable is correct.

You will also need to configure the environment variables to match your configuration, so the three values in bold and the pointy brackets need to be amended. Save the file away when you’re done, if you get any permissions errors, remember you will probably need to run your text editor with the sudo command.

sudo vim /etc/systemd/system/rbk-log.service


Start the rbk-log service to make sure it starts properly

In order for systemd to refresh the config files, issue a sudo systemctl daemon-reload command at the prompt. This should be instant. Once you’ve reloaded systemctl, we can issue the command to start the rbk-log service :-

sudo systemctl start rbk-log.service

Wait a few seconds for the service to start and then issue a status command, to make sure it has started up properly.

sudo systemctl status rbk-log.service 

All being well, you should see something similar to below :-

Checking the status of the rbk-log service

You can also issue a tail -f /var/log/syslog command to watch the tail of the syslog file to perform any necessary troubleshooting.

Viewing the syslog file for errors


Enable the service to auto start on boot

All being well at this stage, we can now enable the service to start automatically on boot :-

sudo systemctl enable rbk-log

That’s it! You may wish to reboot the VM just to make sure the service auto starts, just as a precaution.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.