Raspberry Pi’s are great little computers for anything from home servers to prototyping of Internet of Things (IoT) devices. As a server, they’re going to be generating data such as who’s accessing the server and security logs. As an IoT device, the sky’s the limit for the type of data it will generate from any number of sensors attached. To help make sense of Raspberry Pi logs, a machine data analytics solution such as Sumo Logic can be invaluable.
This article is going to focus on how to setup a Sumo Logic collector on a Raspberry Pi 3 with Raspbian Linux Jessie. We’ll focus on collecting log-based data from your Raspberry Pi with an ARM architecture. At this time, the collector cannot natively ingest ARM-based Host Metrics, but it can still ingest Graphite-based metrics with other tools like CollectD forwarded to the Sumo Logic collector.
- Download Sumo Logic collector’s binary to Raspberry Pi
- Untar the binary.
- Download the 32-bit Community Tanuki wrapper for armhf CPU’s.
- Untar the wrapper.
- Copy the wrapper to the root directory where your Sumo Logic collector was extracted.
- Copy the wrapper’s library to the Sumo Logic wrapper library folder.
- Change permissions of the wrapper and collector.
- (Optional) Create a sources.json file.
- Create a user.properties file with at least the name, access ID, and access key in the [sumo_install_directory]/config folder.
- Install Sumo Logic.
- Start the Sumo Logic collector.
- Setup your sources.
While these instructions have been tested on this configuration, it will work on others setups as well.
- Raspberry Pi 3
- Linux Raspbian Jessie
- Internet connection to Raspberry Pi
- Sumo Logic account
1. Download Sumo Logic collector’s binary to Raspberry Pi.
On your Raspberry Pi, download the binary’s tarball for the appropriate Sumo Logic pod found here – Download a Collector from a Static URL.
sudo wget -o sumocollector.tar.gz https://collectors.us2.sumologic.com/rest/download/tar
Be sure to replace the download with the appropriate binary for your region (e.g., if you are in the EU region, replace it with the appropriate one listed in the download page).
2. Untar the binary.
Untar the binary to the /opt directory in Raspbian.
tar -xvf sumocollector.tar -C /opt
You can place the collector in a different folder if necessary, but /opt is the standard install path for Sumo Logic collectors.
3. Download the 32-bit Community Tanuki wrapper for armhf CPU’s.
The secret to getting the Sumo Logic collector running on a Raspberry Pi is the wrapper. For Raspbian Jessie, you will be using the 32-bit armhf wrapper with the Community license. Tanuki Software – Download the Java Service Wrapper.
Navigate to the extracted path of your Sumo collector.
Download the Tanuki wrapper to the Sumo collector’s root folder.
Replace the Tanuki download with the appropriate wrapper and license if necessary.
4. Untar the wrapper.
tar zxvf wrapper-linux-armhf-32-3.5.30.tar.gz
This will extract the wrapper to a folder in the Sumo Logic collector’s root folder.
5. Copy the wrapper to the Sumo Logic collector’s root.
Make sure you’re in the Sumo collector’s folder.
Then copy the wrapper to the collector’s root.
cp wrapper-linux-armhf-32-3.5.30.tar.gz/bin/wrapper .
6. Copy the wrapper’s library to the Sumo Logic wrapper library folder.
While still in the root of the Sumo Logic collector’s folder, find your version of your collector.
The version will look like this:
Copy the wrapper’s library to Sumo Logic’s library folder.
cp wrapper-linux-armhf-32-3.5.30.tar.gz/lib/libwrapper.so [version]/bin/native/lib
Replace [version] with the corresponding version of your collector. For example with the above, 19.182-25/bin/native/lib will be the path to copy the wrapper.
7. Change the permissions of the wrapper and collector.
You’ll want to make sure your collector and the library have execution permissions.
While in the root of the Sumo Logic folder:
sudo chmod ug+x wrapper
sudo chmod ug+x collector
8. (Optional) Create a sources.json file.
Should you want to specify your sources in a local configuration file, you can create it now. Details on how to create a sources.json file can be found here in our help docs: Use JSON to Configure Sources.
9. Create a user.properties file with a Sumo Logic access ID and access key.
The user.properties file is used to configure and register the Sumo Logic collector with your organization’s instance. This configuration file can be used for different things such as registration, proxy setup, and collector metadata. The parameters can be found at the Sumo Logic help page on user.properties.
The most basic requirements in your user.properties file are the accessid and accesskey parameters. Generate an access ID and access key set in Sumo Logic and hold onto the set.
Back in your Raspberry Pi, create the user.properties file.
Press ‘i’ to enter edit mode, then enter the parameters with your access key set.
accessid = INSERT YOUR SUMO LOGIC ACCESS ID
accesskey = INSERT YOUR SUMO LOGIC ACCESS KEY
If you are using a local source file (sources.json), then also include
syncSources= with the absolute path to your sources.json configuration file.
Press ‘escape’ to leave edit mode, then save the file by pressing :w (colon-w). Quit vim by pressing :q (colon-q).
10. Install Sumo Logic.
While in the Sumo collector’s folder, run the install command:
sudo ./collector install
At this point, the collector has been installed but it has not been started or registered. If you are creating an image, then you can take a snapshot of your Raspberry Pi at this point. Once it is restarted then the service will start and it will register the first time it starts.
11. Start the Sumo Logic collector.
You can either restart the system or run the command to start the service.
sudo ./collector start
If you go to the Sumo Logic Collector Management page, you can refresh the page and you will see your Raspberry Pi listed by the system’s name (unless you specified a name in user.properties).
12. Setup the sources.
Now that the collector is installed on your Raspberry Pi and the collector is showing up in the Sumo Logic collector management UI, you can add sources as you normally would through local file source. If you are using a JSON file to manage your sources, then you can skip this step.
At this point, you can collect the logs off of your Raspberry Pi like you would any normal Linux deployment. If we’re collecting the data into Sumo Logic, you can use the tool for anything from monitoring security of your home network’s syslogs to visualizing data off of smart devices around the world.
We’d love to see the different types uses for Sumo Logic on your Raspberry Pi. Let us know on Twitter!