[CentOS] Fwd: Centos and logs

Jeremy Hoel jthoel at gmail.com
Tue Nov 18 20:39:21 UTC 2014


With Splunk you get 500mb/day free.  So you can collect logs with rsyslog,
drop the stuff you don't want to see ever and then forward the rest to
Splunk.  This could help save on license issues.

You also have tools like Graylog.  It can be fed from Logstash also and is
very impressive.  ELK, as Keith mentioned, is awesome, as is a tool called
ELSA.  Lots of ways to look at logs via the web.  The harder part is
knowing what you are looking for, field extraction and correlation.



On Tue, Nov 18, 2014 at 1:06 PM, Keith Keller <
kkeller at wombat.san-francisco.ca.us> wrote:

> On 2014-11-18, zep <zgreenfelder at gmail.com> wrote:
> > I would consider something like splunk (or more likely one of the
> > free alternatives) and a setup like:
>
> I have heard and seen great things about ELK: elasticsearch, logstash,
> and kibana.  I saw it in action and it looked and behaved a lot like
> Splunk (and it's all open, so no licensing issues like Splunk).
>
> --keith
>
>
> --
> kkeller at wombat.san-francisco.ca.us
>
>
>
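
The collect, drop, then forward setup described in the message above could look like the following rsyslog configuration. This is an added example, not part of the original thread; it assumes rsyslog v7 or later (RainerScript syntax), and the file name, target host and filter rules are constructed placeholders.

```conf
# /etc/rsyslog.d/60-forward.conf   (hypothetical file name)
# Constructed example: host name and filter patterns are placeholders.

# 1. Drop noise before it is forwarded, so it never counts against the
#    daily indexing volume. Rules are evaluated in order, so these
#    filters must come before the forwarding action below.
if $syslogseverity-text == 'debug' then stop
if $programname == 'CROND' and $msg contains 'run-parts' then stop
if $programname == 'systemd' and $msg contains 'Starting Session' then stop

# 2. Forward everything that is left over TCP. The disk-assisted queue
#    buffers messages while the collector is unreachable instead of
#    losing them, and the action retries indefinitely.
action(type="omfwd"
       target="splunk.example.com"      # placeholder collector host
       port="514"
       protocol="tcp"
       queue.type="LinkedList"
       queue.filename="fwd_splunk"
       queue.maxdiskspace="1g"
       queue.saveonshutdown="on"
       action.resumeRetryCount="-1")
```

A message matched by a `stop` rule is discarded for every rule that follows it, so anything that should still be kept in local files has to be written by a rule placed before the filter.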


