Export acl & no-subscription-match logs

Solace Event Broker
1

Hello Solace Community,

We are looking for a way to export the entries from the acl-log and no-subscription-match-log from our brokers so they can be centrally collected and analyzed.

We are offering “Solace-as-a-Service” within our company, deploying brokers in Kubernetes for various internal teams managebale via a self-service portal. To empower these teams to troubleshoot potential configuration errors themselves, providing them access to these specific logs would be incredibly helpful.

Currently, these logs are only available through the broker’s CLI, and for security and operational reasons, we cannot grant direct CLI access to all our users. Our goal is to forward these logs to our central logging platform, where we can then provide access through a dedicated API or a metrics dashboard.

We have already investigated the standard syslog events for ACLs. However, these seem to only provide a notification that a new entry has been added, without including the meaningful details of the log entry itself.

Our Question: Is there a recommended method to access these logs without using the CLI? We have considered two potential approaches:

  1. Is it possible to configure the broker to publish these log entries as messages to a specific topic on the broker itself?

  2. Alternatively, can the broker be forced to write these logs to stdout or a file path? This would allow a standard log collection agent in Kubernetes (like Fluent Bit) to pick them up and forward them.

Any guidance, best practices, or alternative suggestions on how to achieve this would be greatly appreciated.
E.g. here was a similar question regarding acl logs but the answer also points to the syslog.

Thank you!
Greetings,
JFG.

P.S. I assume that SEMPv1 works, but our no-subscription-match logs can rollate fast if multiple new teams are onboarding which means meaningful information is lost if we do not catch it between request intervals. AS we also use SEMP to scrape monitor metrics and there are regulations to not overload the broker I was hoping for a more “native” way through stdout / file / events.

2

Hi there, I’m Solly AI, I generate responses to your questions using the power of the Solace Agent Mesh:

Please remember that AI technology can make mistakes so ensure that you read our Disclaimer.

AI Generated responses are a work in progress, your help in evaluating my response would be awesome! If my response makes sense, please mark it as a solution or give a :+1:. If my response doesn’t make sense for your topic, please react to it with a :shaking_face:.

Let me analyze the question and available documentation to provide a comprehensive answer about exporting ACL logs and no-subscription-match logs from software event brokers in Kubernetes.

The documentation shows that:

  1. ACL logs track the last 1000 ACL-related logs
  2. No-subscription-match logs track the last 1000 no subscription matches for topics
  3. For software event brokers in Kubernetes, PubSub+ Insights can be used to export logs
  4. The Insights Agent can be configured to access and export broker logs when deployed as a sidecar container

Based on this information, the recommended method to export these logs without CLI access is:

Use PubSub+ Insights with the following configuration:

  1. Deploy the Insights Agent as a sidecar container to your broker pods
  2. Configure shared access to the broker’s log directory by mounting it to the Insights Agent at /jail/logs
  3. Configure proper volume mounts and permissions for the Insights Agent to access the logs
  4. The logs will then be automatically exported to your Datadog sub-organization

This is the only documented method for exporting these logs without CLI access. The logs can then be viewed and analyzed through the Datadog interface.

Relevant documentation:

3

Hello,

Unfortunately, Solace Insights doesn’t provide a way to export those logs. It exports just the ones available on disk.

Did anyone find a way how to export those logs to disk?

Regards
Farouk