Haproxy logging is not working

Hello,

I am setting up new haproxy by following the Introduction to HAProxy Logging - HAProxy Technologies and the logging is not working. Do you know what could be wrong?

version of haproxy: haproxy*-1.5.18-9.el7.x86_64
redhat release:Red Hat Enterprise Linux Server release 7.9 (Maipo)

Thanks
GBK

Please share your configuration.

Thanks for the response, below are the configurations.

haproxy.cfg

global

log 127.0.0.1:514 local2
chroot      /var/lib/haproxy
pidfile     /var/run/haproxy.pid
maxconn     4000
user        haproxy
group       haproxy
daemon

listen stats
bind *:9090
balance
mode http
stats enable
stats uri /
stats refresh 5s
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000

frontend connection_input
mode tcp
log 127.0.0.1:514 local2
bind *:8553
default_backend servers

backend servers
mode tcp
balance roundrobin
server xx xx.com:5678
server xxxx xxxx.com:5678
server xxxxx xxxxx.com:5678

->/etc/rsyslog.d/haproxy.conf
$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514

Creating separate log files based on the severity

local2.* /var/log/haproxy.log
local2.notice /var/log/haproxy-allbutinfo.log

tcpdump on the loopback interface, to see if haproxy transmit log message or not. If it is, check rsyslog configuration.

tcpdump -i lo udp port 514

This is what i see with tcpdump

$tcpdump -i lo udp port 514 -vv
tcpdump: listening on lo, link-type EN10MB (Ethernet), capture size 262144 bytes

Did you trigger haproxy to produce log message, during your capture?

Stopping/starting haproxy, generating requests?

I was able to trigger messages on tcpdump trace by restarting haproxy service.

There you go.

But , i was not able to see any logs generated under /var/log? what could be missing ?

Well I don’t know much about rsyslogd. I suggest you check that configuration and reach out to the rsyslogd community if necessary.

Thank you. There are couple of locations I can think of whereabouts of these files. Can you please point me the paths and files and I need to look for rsyslogd confs.

No, like I said I don’t know much about rsyslog.

This is my rsyslog config if it helps (Some variables (we use ansible to deploy this) need to be replaced according to your installation)

$ModLoad imudp
$UDPServerRun 514
$UDPServerAddress 127.0.0.1
$umask 0000
$FileCreateMode 0644

local2.* {{ log_dir }}/{{ artifact }}.log
& stop

We also rotate the log file daily with this logrotate config
{{ log_dir }}/{{ artifact }}.log {
daily
rotate 10
missingok
notifempty
compress
create 644 {{ ansible_ssh_user }} {{ ansible_ssh_group }}
sharedscripts
postrotate
/bin/kill -HUP cat /var/run/syslogd.pid 2> /dev/null 2> /dev/null || true
/bin/kill -HUP cat /var/run/rsyslogd.pid 2> /dev/null 2> /dev/null || true
endscript
}

Thank you, if possible can you please paste your haproxy.conf as well.

global
log localhost:514 local2
chroot /var/lib/haproxy
maxconn 4000
user haproxy
group haproxy
daemon
tune.ssl.default-dh-param 2048
ssl-default-server-options no-sslv3 no-tls-tickets
ssl-default-bind-ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

defaults
log global
option logasap
option dontlognull
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 30s
timeout client 30s
timeout server 70s
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000

And then some front-ends and back-ends that aren’t relevant to this topic