在 Linux 计算机上安装 Log Analytics 代理Install Log Analytics agent on Linux computers

本文详细介绍如何使用以下方法在 Linux 计算机上安装 Log Analytics 代理:This article provides details on installing the Log Analytics agent on Linux computers using the following methods:

重要

本文所述的安装方法通常用于本地或其他云中的虚拟机。The installation methods described in this article are typically used for virtual machines on-premises or in other clouds. 有关可用于 Azure 虚拟机的更高效选项,请参阅安装选项See Installation options for more efficient options you can use for Azure virtual machines.

支持的操作系统Supported operating systems

有关 Log Analytics 代理支持的 Linux 发行版的列表,请参阅 Azure Monitor 代理概述See Overview of Azure Monitor agents for a list of Linux distributions supported by the Log Analytics agent.

备注

仅 x86_x64 平台(64 位)支持 OpenSSL 1.1.0,任何平台均不支持早于 1.x 版本的 OpenSSL。OpenSSL 1.1.0 is only supported on x86_x64 platforms (64-bit) and OpenSSL earlier than 1.x is not supported on any platform.

备注

不支持在容器中运行 Log Analytics Linux 代理。Running the Log Analytics Linux Agent in containers is not supported. 如果需要监视容器,请对 Docker 主机使用容器监视解决方案,对 Kubernetes 使用容器见解If you need to monitor containers, please leverage the Container Monitoring solution for Docker hosts or Container insights for Kubernetes.

从 2018 年 8 月之后发布的版本开始,我们对支持模型进行了以下更改:Starting with versions released after August 2018, we are making the following changes to our support model:

  • 仅支持服务器版本,不支持客户端版本。Only the server versions are supported, not client.
  • 将支持重点放在任何 Azure Linux 认可的发行版Focus support on any of the Azure Linux Endorsed distros. 请注意,新的发行版/版本被 Azure Linux 认可和其受 Log Analytics Linux 代理支持,这两者之间可能存在一些延迟。Note that there may be some delay between a new distro/version being Azure Linux Endorsed and it being supported for the Log Analytics Linux agent.
  • 列出的每个主版本支持所有的次版本。All minor releases are supported for each major version listed.
  • 超出制造商终止支持日期的版本不受支持。Versions that have passed their manufacturer's end-of-support date are not supported.
  • 仅支持 VM 映像;不支持容器,即使是从正式发行版发布者的映像派生的容器。Only support VM images; containers, even those derived from official distro publishers' images, are not supported.
  • 不支持新版本的 AMI。New versions of AMI are not supported.
  • 默认情况下,仅支持运行 OpenSSL 1.x 的版本。Only versions that run OpenSSL 1.x by default are supported.

备注

如果使用的是当前不受支持且与我们的支持模型不一致的发行版或版本,我们建议对此存储库创建分支,并接受 Microsoft 支持不会为已分支的代理版本提供帮助。If you are using a distro or version that is not currently supported and doesn't align to our support model, we recommend that you fork this repo, acknowledging that Microsoft support will not provide assistance with forked agent versions.

Python 要求Python requirement

从代理版本 1.13.27 开始,Linux 代理将同时支持 Python 2 和 Python 3。Starting from Agent version 1.13.27, the Linux Agent will support both Python 2 and 3. 我们始终建议使用最新代理。We always recommend using the latest agent.

如果使用的是旧版本的代理,则默认情况下必须让虚拟机使用 Python 2。If you are using an older version of the agent, you must have the Virtual Machine use Python 2 by default. 如果虚拟机使用的发行版默认情况下不包括 Python 2,则必须进行安装。If your virtual machine is using a distro that doesn't include Python 2 by default then you must install it. 以下示例命令将在不同的发行版上安装 Python 2。The following sample commands will install Python 2 on different distros.

  • Red Hat、CentOS、Oracle:yum install -y python2Red Hat, CentOS, Oracle: yum install -y python2
  • Ubuntu、Debian:apt-get install -y python2Ubuntu, Debian: apt-get install -y python2
  • SUSE: zypper install -y python2SUSE: zypper install -y python2

Python2 可执行文件必须将别名设置为“python”。The python2 executable must be aliased to python. 下面是可用来设置此别名的一种方法:Following is one method that you can use to set this alias:

  1. 运行以下命令以删除所有现有别名。Run the following command to remove any existing aliases.

    sudo update-alternatives --remove-all python
    
  2. 运行以下命令以创建别名。Run the following command to create the alias.

    sudo update-alternatives --install /usr/bin/python python /usr/bin/python2 1
    

支持的 Linux 强化Supported Linux hardening

OMS 代理对 Linux 提供了有限的自定义支持。The OMS Agent has limited customization support for Linux.

当前支持以下内容:The following are currently supported:

  • FIPSFIPs

以下内容正在考虑中,但尚不受支持:The following are in consideration but not yet supported:

  • CISCIS
  • SELINUXSELINUX

OMS 代理不支持且未计划使用其他强化和自定义方法。Other hardening and customization methods are not supported nor planned for OMS Agent.

代理必备组件Agent prerequisites

下表重点介绍了要在其上安装代理的受支持的 Linux 发行版所需的包。The following table highlights the packages required for supported Linux distros that the agent will be installed on.

所需程序包Required package 说明Description 最低版本Minimum version
GlibcGlibc GNU C 库GNU C Library 2.5-122.5-12
OpensslOpenssl OpenSSL 库OpenSSL Libraries 1.0.x 或 1.1.x1.0.x or 1.1.x
CurlCurl cURL Web 客户端cURL web client 7.15.57.15.5
PythonPython 2.7 或 3.6+2.7 or 3.6+
Python-ctypePython-ctypes
PAMPAM 可插入验证模块Pluggable Authentication Modules

备注

收集 Syslog 消息时需要 rsyslog 或 syslog ng。Either rsyslog or syslog-ng are required to collect syslog messages. 不支持将 Red Hat Enterprise Linux 版本 5、CentOS 和 Oracle Linux 版本 (sysklog) 上的默认 syslog 守护程序用于 syslog 事件收集。The default syslog daemon on version 5 of Red Hat Enterprise Linux, CentOS, and Oracle Linux version (sysklog) is not supported for syslog event collection. 要从这些发行版的此版本中收集 syslog 数据,应安装并配置 rsyslog 守护程序以替换 sysklog。To collect syslog data from this version of these distributions, the rsyslog daemon should be installed and configured to replace sysklog.

网络要求Network requirements

有关 Linux 代理的网络要求,请参阅 Log Analytics 代理概述See Log Analytics agent overview for the network requirements for the Linux agent.

代理安装包Agent install package

适用于 Linux 的 Log Analytics 代理由多个包组成。The Log Analytics agent for Linux is composed of multiple packages. 发行文件包含以下包,可通过结合 --extract 参数运行 shell 捆绑包来获取这些包:The release file contains the following packages, which are available by running the shell bundle with the --extract parameter:

Package 版本Version 说明Description
omsagentomsagent 1.13.91.13.9 适用于 Linux 的 Log Analytics 代理The Log Analytics Agent for Linux
omsconfigomsconfig 1.1.11.1.1 Log Analytics 代理的配置代理Configuration agent for the Log Analytics agent
omiomi 1.6.41.6.4 Open Management Infrastructure (OMI) - 一款轻型 CIM 服务器。Open Management Infrastructure (OMI) -- a lightweight CIM Server. 请注意,OMI 要求拥有 root 访问权限,以运行所需的 cron 作业来使服务正常工作Note that OMI requires root access to run a cron job necessary for the functioning of the service
scxscx 1.6.41.6.4 操作系统性能指标的 OMI CIM 提供程序OMI CIM Providers for operating system performance metrics
apache-cimprovapache-cimprov 1.0.11.0.1 OMI 的 Apache HTTP 服务器性能监视提供程序。Apache HTTP Server performance monitoring provider for OMI. 仅当检测到 Apache HTTP 服务器时才安装。Only installed if Apache HTTP Server is detected.
mysql-cimprovmysql-cimprov 1.0.11.0.1 OMI 的 MySQL 服务器性能监视提供程序。MySQL Server performance monitoring provider for OMI. 仅当检测到 MySQL/MariaDB 服务器时才安装。Only installed if MySQL/MariaDB server is detected.
docker-cimprovdocker-cimprov 1.0.01.0.0 OMI 的 Docker 提供程序。Docker provider for OMI. 仅当检测到 Docker 时才安装。Only installed if Docker is detected.

代理安装详细信息Agent installation details

安装适用于 Linux 的 Log Analytics 代理包后,将应用下述额外的系统范围的配置更改。After installing the Log Analytics agent for Linux packages, the following additional system-wide configuration changes are applied. 卸载 omsagent 程序包时会删除这些项目。These artifacts are removed when the omsagent package is uninstalled.

  • 创建一个名为 omsagent 的非特权用户。A non-privileged user named: omsagent is created. 守护程序通过此凭据运行。The daemon runs under this credential.
  • 将在 /etc/sudoers.d/omsagent 中创建一个 sudoers include 文件。A sudoers include file is created in /etc/sudoers.d/omsagent. 这会授权 omsagent 重启 syslog 和 omsagent 守护程序。This authorizes omsagent to restart the syslog and omsagent daemons. 如果安装的 sudo 版本不支持 sudo include 指令,则会将这些条目写入 /etc/sudoersIf sudo include directives are not supported in the installed version of sudo, these entries will be written to /etc/sudoers.
  • 修改 syslog 配置,以将事件子集转发到代理。The syslog configuration is modified to forward a subset of events to the agent. 有关详细信息,请参阅配置 Syslog 数据收集For more information, see Configure Syslog data collection.

在受监视的 Linux 计算机上,代理列为 omsagentOn a monitored Linux computer, the agent is listed as omsagent. omsconfig 是每隔 5 分钟便会查找一次新门户端配置的 Log Analytics Linux 代理的配置代理。omsconfig is the Log Analytics agent for Linux configuration agent that looks for new portal side configuration every 5 minutes. 新的和已更新的配置应用到 /etc/opt/microsoft/omsagent/conf/omsagent.conf 中的代理配置文件。The new and updated configuration is applied to the agent configuration files located at /etc/opt/microsoft/omsagent/conf/omsagent.conf.

使用包装器脚本来安装代理Install the agent using wrapper script

以下步骤使用 Linux 计算机的包装器脚本为 Azure 中国云中的 Log Analytics 配置代理的安装,这些计算机可直接通信或通过代理服务器通信,以下载托管在 GitHub 上的代理并安装该代理。The following steps configure setup of the agent for Log Analytics in Azure China cloud using the wrapper script for Linux computers that can communicate directly or through a proxy server to download the agent hosted on GitHub and install the agent.

如果 Linux 计算机需要通过代理服务器与 Log Analytics 通信,可以通过包含 -p [protocol://][user:password@]proxyhost[:port] 在命令行中指定此配置。If your Linux computer needs to communicate through a proxy server to Log Analytics, this configuration can be specified on the command line by including -p [protocol://][user:password@]proxyhost[:port]. protocol 属性接受 httphttpsproxyhost 属性接受代理服务器的完全限定域名或 IP 地址。The protocol property accepts http or https, and the proxyhost property accepts a fully qualified domain name or IP address of the proxy server.

例如: https://proxy01.contoso.com:30443For example: https://proxy01.contoso.com:30443

如果在任一情况下需要身份验证,需要指定用户名和密码。If authentication is required in either case, you need to specify the username and password. 例如: https://user01:password@proxy01.contoso.com:30443For example: https://user01:password@proxy01.contoso.com:30443

  1. 若要配置 Linux 计算机以连接至 Log Analytics 工作区,请运行以下命令,并提供工作区 ID 和主密钥。To configure the Linux computer to connect to a Log Analytics workspace, run the following command providing the workspace ID and primary key. 以下命令将下载代理、验证其校验和并将其安装好。The following command downloads the agent, validates its checksum, and installs it.

    wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh && sh onboard_agent.sh -w <YOUR WORKSPACE ID> -s <YOUR WORKSPACE PRIMARY KEY>
    

    代理服务器要求进行身份验证时,以下命令包括 -p 代理参数和示例语法:The following command includes the -p proxy parameter and example syntax when authentication is required by your proxy server:

     wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh && sh onboard_agent.sh -p [protocol://]<proxy user>:<proxy password>@<proxyhost>[:port] -w <YOUR WORKSPACE ID> -s <YOUR WORKSPACE PRIMARY KEY>
    
  2. 若要将 Linux 计算机配置为连接到 Azure 中国云中的 Log Analytics 工作区,请运行以下命令,并提供前面复制的工作区 ID 和主密钥。To configure the Linux computer to connect to Log Analytics workspace in Azure China cloud, run the following command providing the workspace ID and primary key copied earlier. 以下命令将下载代理、验证其校验和并将其安装好。The following command downloads the agent, validates its checksum, and installs it.

    wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh && sh onboard_agent.sh -w <YOUR WORKSPACE ID> -s <YOUR WORKSPACE PRIMARY KEY> -d opinsights.azure.cn
    

    代理服务器要求进行身份验证时,以下命令包括 -p 代理参数和示例语法:The following command includes the -p proxy parameter and example syntax when authentication is required by your proxy server:

     wget https://raw.githubusercontent.com/Microsoft/OMS-Agent-for-Linux/master/installer/scripts/onboard_agent.sh && sh onboard_agent.sh -p [protocol://]<proxy user>:<proxy password>@<proxyhost>[:port] -w <YOUR WORKSPACE ID> -s <YOUR WORKSPACE PRIMARY KEY> -d opinsights.azure.cn
    
  3. 运行以下命令重启代理:Restart the agent by running the following command:

    sudo /opt/microsoft/omsagent/bin/service_control restart [<workspace id>]
    

手动安装代理Install the agent manually

适用于 Linux 的 Log Analytics 代理以自提取和可安装的 shell 脚本捆绑包形式提供。The Log Analytics agent for Linux is provided in a self-extracting and installable shell script bundle. 此捆绑包包含用于各个代理组件的 Debian 和 RPM 程序包,可以直接安装该捆绑包,也可以通过提取它来检索单个程序包。This bundle contains Debian and RPM packages for each of the agent components and can be installed directly or extracted to retrieve the individual packages. 分别针对 x64 体系结构和 x86 体系结构提供一个捆绑包。One bundle is provided for x64 and one for x86 architectures.

备注

对于 Azure VM,建议你使用适用于 Linux 的 Azure Log Analytics VM 扩展在这些 VM 上安装代理。For Azure VMs, we recommend you install the agent on them using the Azure Log Analytics VM extension for Linux.

  1. 下载相应的捆绑包(x64 或 x86)并使用 SCP/SFTP 将其传输到 Linux VM 或物理计算机。Download and transfer the appropriate bundle (x64 or x86) to your Linux VM or physical computer, using scp/sftp.

  2. 使用 --install 参数安装捆绑包。Install the bundle by using the --install argument. 若要在安装过程中加入到 Log Analytics 工作区,请提供前面复制的 -w <WorkspaceID>-s <workspaceKey> 参数。To onboard to a Log Analytics workspace during installation, provide the -w <WorkspaceID> and -s <workspaceKey> parameters copied earlier.

    备注

    如果安装 omi、scx、omsconfig 等依赖包或其旧版本,则需要使用 --upgrade 参数(已安装适用于 Linux 的 System Center Operations Manager 代理时存在这种情况)。You need to use the --upgrade argument if any dependent packages such as omi, scx, omsconfig or their older versions are installed, as would be the case if the system Center Operations Manager agent for Linux is already installed.

    sudo sh ./omsagent-*.universal.x64.sh --install -w <workspace id> -s <shared key>
    
  3. 若要将 Linux 代理配置为通过 Log Analytics 网关安装并连接到 Log Analytics 工作区,请运行以下命令并提供代理、工作区 ID 和工作区密钥参数。To configure the Linux agent to install and connect to a Log Analytics workspace through a Log Analytics gateway, run the following command providing the proxy, workspace ID, and workspace key parameters. 可以通过包含 -p [protocol://][user:password@]proxyhost[:port] 在命令行中指定此配置。This configuration can be specified on the command line by including -p [protocol://][user:password@]proxyhost[:port]. proxyhost 属性接受 Log Analytics 网关服务器的完全限定域名或 IP 地址。The proxyhost property accepts a fully qualified domain name or IP address of the Log Analytics gateway server.

    sudo sh ./omsagent-*.universal.x64.sh --upgrade -p https://<proxy address>:<proxy port> -w <workspace id> -s <shared key>
    

    如果需要身份验证,则需要指定用户名和密码。If authentication is required, you need to specify the username and password. 例如:For example:

    sudo sh ./omsagent-*.universal.x64.sh --upgrade -p https://<proxy user>:<proxy password>@<proxy address>:<proxy port> -w <workspace id> -s <shared key>
    
  4. 若要将 Linux 计算机配置为连接到 Azure 中国云中的 Log Analytics 工作区,请运行以下命令,并提供前面复制的工作区 ID 和主密钥。To configure the Linux computer to connect to a Log Analytics workspace in Azure China cloud, run the following command providing the workspace ID and primary key copied earlier.

    sudo sh ./omsagent-*.universal.x64.sh --upgrade -w <workspace id> -s <shared key> -d opinsights.azure.cn
    

若要在以后安装代理包并将其配置为向特定的 Log Analytics 工作区报告,请运行以下命令:If you want to install the agent packages and configure it to report to a specific Log Analytics workspace at a later time, run the following command:

sudo sh ./omsagent-*.universal.x64.sh --upgrade

若要从捆绑中提取代理包而不安装代理,请运行以下命令:If you want to extract the agent packages from the bundle without installing the agent, run the following command:

sudo sh ./omsagent-*.universal.x64.sh --extract

从以前的版本升级Upgrade from a previous release

从版本 1.0.0-47 开始,每个版本都支持从旧版升级。Upgrading from a previous version, starting with version 1.0.0-47, is supported in each release. 使用 --upgrade 参数执行安装可将代理的所有组件升级到最新版本。Perform the installation with the --upgrade parameter to upgrade all components of the agent to the latest version.

缓存信息Cache information

来自适用于 Linux 的 Log Analytics 代理的数据在发送到 Azure Monitor 之前缓存在本地计算机上的 %STATE_DIR_WS%/out_oms_common.buffer* 中。Data from the Log Analytics agent for Linux is cached on the local machine at %STATE_DIR_WS%/out_oms_common.buffer* before it's sent to Azure Monitor. 自定义日志数据将在 %STATE_DIR_WS%/out_oms_blob.buffer* 中缓冲。Custom log data is buffered in %STATE_DIR_WS%/out_oms_blob.buffer*. 对于某些解决方案和数据类型,路径可能会不同。The path may be different for some solutions and data types.

该代理会尝试每隔 20 秒上传一次。The agent attempts to upload every 20 seconds. 如果该操作失败,它将等待以指数级增加的时间,直到成功为止:第二次尝试之前等待 30 秒,第三次尝试之前等待 60 秒,第四次尝试之前等待 120 秒...依此类推,直到再次成功连接为止,两次重试之间的最长间隔为 16 分钟。If it fails, it will wait an exponentially increasing length of time until it succeeds: 30 seconds before the second attempt, 60 seconds before the third, 120 seconds ... and so on up to a maximum of 16 minutes between retries until it successfully connects again. 对于给定数据块,该代理最多重试 6 次,然后丢弃它并移至下一个数据块。The agent will retry up to 6 times for a given chunk of data before discarding and moving to the next one. 此过程会一直继续,直到代理可以再次成功上传。This continues until the agent can successfully upload again. 这意味着数据在被丢弃之前可能会被缓冲最多 30 分钟左右。This means that data may be buffered up to approximately 30 minutes before being discarded.

默认缓存大小为 10 MB,但可在 omsagent.conf 文件中进行修改。The default cache size is 10 MB but can be modified in the omsagent.conf file.

后续步骤Next steps