4. History logging

To enable history logging there are some steps that need to be completed which are outlined below.

4.1. Install Elasticsearch

Elastic has an article on installing Elasticsearch here.

4.2. Import an index template

Import one of the index templates below into Elasticsearch. The differences between these index templates are described in each section.

4.2.1. Delivery attempts

This template will log all delivery attempts and the same message may appear multiple times, once for each delivery attempt. For this template you should set the value for elasticsearch.index to halon-delivery-attempts in the web.yaml file.

curl -k -X PUT -H "Content-Type: application/json" -d @/opt/halon/web/share/history/elasticsearch/delivery-attempts/halon_timeseries_policy.json http://elastic:[email protected]:9200/_ilm/policy/halon-timeseries-policy
curl -k -X PUT -H "Content-Type: application/json" -d @/opt/halon/web/share/history/elasticsearch/delivery-attempts/halon_delivery_attempts.json http://elastic:[email protected]:9200/_index_template/halon-delivery-attempts

4.2.2. Transactions

This template will log all transactions and update the state for them instead of creating a new log entry after each delivery attempt. For this template you should set the value for elasticsearch.index to halon-transactions-* in the web.yaml file.

curl -k -X PUT -H "Content-Type: application/json" -d @/opt/halon/web/share/history/elasticsearch/transactions/halon_transactions.json http://elastic:[email protected]:9200/_index_template/halon-transactions

4.2.2.1. Curator

When using this template you also need to periodically remove old indices in Elasticsearch, you can use Elasticsearch’s Curator CLI as a cron job. This sample configuration will remove indices older than 120 days based on the index and date syntax (e.g. halon-transactions-%Y-%m-%d).

Curator configuration ~/.curator/curator.yml sample file:

elasticsearch:
  client:
    hosts:
      - http://127.0.0.1:9200
    ca_certs:
    client_cert:
    client_key:
    verify_certs: False
    request_timeout: 30
  other_settings:
    username: elastic
    password: elastic
    master_only: False
logging:
  loglevel: INFO
  logfile:
  logformat: default
  blacklist: ['elastic_transport', 'urllib3']

Curator action ~/.curator/delete_indices.yml sample file:

actions:
  1:
    action: delete_indices
    description: >-
      Delete indices older than 120 days (based on index name)
    options:
      ignore_empty_list: True
      disable_action: False
    filters:
    - filtertype: pattern
      kind: prefix
      value: halon-transactions-
    - filtertype: age
      source: name
      direction: older
      timestring: '%Y-%m-%d'
      unit: days
      unit_count: 120

Run the action file with this command:

curator delete_indices.yml

4.3. Add configuration

Use the elasticsearch directives to enable history logging in the web administration.

4.4. Start sending data

To start sending data to Elasticsearch from the smtpd process using HSL you can use the history-elastic plugin (supports both index templates).