Fluentd Installation for New Relic

Install Fluentd in OS/Virtual Machine for New Relic

Ensure that you have access to the Internet from the VM. Recommended install is through fluentd's native OS-based package installs:

OS	Package Manager	Link
CentOS/RHEL	Linux - RPM (YUM)	https://docs.fluentd.org/installation/install-by-rpm
Debian/Ubuntu	Linux - APT	https://docs.fluentd.org/installation/install-by-deb
MacOS/Darwin	MacOS - DMG	https://docs.fluentd.org/installation/install-by-dmg
Windows	Windows - MSI	https://docs.fluentd.org/installation/install-by-msi
Gem Install**	MacOS & Linux - Gem	https://docs.fluentd.org/installation/install-by-gem

**For Gem-based install, Ruby Interpreter has to be set up first. Following is the recommended process to install Ruby:

Install Ruby Version Manager (RVM) as described here. Verify that you follow all the onscreen instructions provided to complete the RVM installation.
- For installation across users, a SUDO-based install is recommended. The installation is as described here.
Once RVM installation is complete, execute the command rvm -v to verify the installation executing.
Now install ruby v2.7.0 or above executing the command rvm install <ver_num>, ex: rvm install 2.7.5.
Verify the ruby installation. Execute ruby -v, gem installation gem -v and bundler -v to ensure all the components are intact.
Post completion of Ruby, Gems installation, the environment is ready to further install new gems. Execute the following gem install commands one after the other to set up the needed ecosystem:
gem install fluentd

After FluentD is successfully installed, the below plugins are must be installed:

'gem install fluent-plugin-newrelic'
'gem install fluent-plugin-jfrog-siem'
'gem install fluent-plugin-jfrog-metrics'
'gem install fluent-plugin-jfrog-send-metrics'

Configurefluent.conf.* according to the instructions mentioned in the ??? section and then run the fluentd wrapper with one argument pointed to the fluent.conf.* file configured.

./fluentd $JF_PRODUCT_DATA_INTERNAL/fluent.conf.<product_name>

Install Fluentd in Docker for New Relic

To run fluentd as a Docker image to send the log, siem and metrics data to New Relic, the following commands must be executed on the host that runs the Docker.

Check the Docker installation is functional. Execute the commands docker version and docker ps.
Once the version and processes are listed successfully, build the intended Docker image for the observability platform using the Docker file.
- Download Dockerfile from here to any directory that has write permissions.
Download the Dockerenvfile_<observability_platform>.txt file needed to run Jfrog/FluentD Docker Images for the intended observability platform.
- Download Dockerenvfile_newrelic.txt from here to the directory where the Docker file was downloaded.

Note

For New Relic as the observability platform, execute these commands to setup the docker container running the fluentd installation:

Execute 'docker build --build-arg SOURCE="JFRT" --build-arg TARGET="NEWRELIC" -t <image_name>.'
Command example:
'docker build --build-arg SOURCE="JFRT" --build-arg TARGET="NEWRELIC" -t jfrog/fluentd-newrelic-rt .'
The above command will build the docker image.
Fill the necessary information in the Dockerenvfile_newrelic.txt file, if the value for any of the field requires to have a '/' use '\/' and if '\' is required use '\\'.
Execute 'docker run -it --name jfrog-fluentd-newrelic-rt -v <path_to_logs>:/var/opt/jfrog/artifactory --env-file Dockerenvfile_newrelic.txt <image_name>'
The <path_to_logs> should be an absolute path where the Jfrog Artifactory Logs folder resides, i.e for an Docker-based Artifactory Installation. Example: /var/opt/jfrog/artifactory/var/logs on the Docker host.
Command example:
'docker run -it --name jfrog-fluentd-newrelic-rt -v /var/opt/jfrog/artifactory/ --env-file Dockerenvfile_newrelic.txt jfrog/fluentd-newrelic-rt'

New Relic Kubernetes Deployment with Helm

Recommended installation for Kubernetes is to utilize the helm chart with the associated values.yaml in this repo.

Product	Example Values File
Artifactory	helm/artifactory-values.yaml
Artifactory HA	helm/artifactory-ha-values.yaml
Xray	helm/xray-values.yaml

Update the values.yaml associated to the product you want to deploy with your New Relic settings.

Then deploy the helm chart as described below:

Add JFrog Helm repository:

helm repo add jfrog https://charts.jfrog.io
helm repo update

Replace placeholders with your masterKey and joinKey. To generate each of them, use the command openssl rand -hex 32

Artifactory:

Replace the newrelic_licensekey in newrelic.licensekey at the end of the yaml file with License key copied from New Relic in New Relic Setup
Replace the jpd_url in jfrog.observability.metrics.jpd_url with Artifactory JPD URL (note - if deployed on K8s use the localhost and port number combination per sidecar)
Replace the jfrog_user in jfrog.observability.metrics.username with Artifactory username for authentication
Replace the jfrog_api_key in jfrog.observability.metrics.apikey with an API Key.
Replace the jfrog_access_token in jfrog.observability.metrics.accesstoken with a scoped token

Replace common_jpd_value in jfrog.observability.metrics.common_jpd with true for non-kubernetes installations or installations where JPD base URL is same to access both Artifactory and Xray (ex: /artifactory/ or /xray The default value is false.

helm upgrade --install artifactory  jfrog/artifactory \
       --set artifactory.masterKey=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF \
       --set artifactory.joinKey=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE \
       -f helm/artifactory-values.yaml

Artifactory-HA

For HA installation, create a license secret on your cluster prior to installation:

               kubectl create secret generic artifactory-license --from-file=<path_to_license_file>artifactory.cluster.license

Note

Replace placeholders with your masterKey and joinKey. To generate each of them, use the command openssl rand -hex 32

Replace the newrelic_licensekey in newrelic.licensekey at the end of the yaml file with License key copied from New Relic in New Relic Setup
Replace the jpd_url in jfrog.observability.metrics.jpd_url with the Artifactory JPD URL (note - if deployed on K8s use the localhost and port number combination per sidecar)
Replace the jfrog_user in jfrog.observability.metrics.username with the Artifactory username for authentication
Replace the jfrog_api_key in jfrog.observability.metrics.apikey with an API Key.
Replace the jfrog_access_token in jfrog.observability.metrics.accesstoken with a scoped token

Replace the common_jpd_value in jfrog.observability.metrics.common_jpd with true for non-kubernetes installations or installations where JPD base URL is same to access both Artifactory and Xray (ex: /artifactory/ or /xray The default value is false.

helm upgrade --install artifactory-ha  jfrog/artifactory-ha \
       --set artifactory.masterKey=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF \
       --set artifactory.joinKey=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE \
       -f helm/artifactory-ha-values.yaml

Xray

Update the following fields in /helm/xray-values.yaml:

Replace the newrelic_licensekey in newrelic.licensekey at the end of the yaml file with License key copied from New Relic in New Relic Setup
Replace jpd_url in jfrog.observability.jpd_url with Artifactory JPD URL (note - if deployed on K8s use the localhost and port number combination per sidecar)
Replace jfrog_user in jfrog.observability.username with Artifactory username for authentication
Replace jfrog_api_key in jfrog.observability.apikey with an API Key.

Use the same joinKey as you used in Artifactory installation to allow Xray node to successfully connect to Artifactory.

helm upgrade --install xray jfrog/xray --set xray.jfrogUrl=http://my-artifactory-nginx-url \ --set xray.masterKey=FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF \ --set xray.joinKey=EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE \ -f helm/xray-values.yaml