With Splunk you get 500MB/day free. So you can collect logs with rsyslog, drop the stuff you don't want to see ever, and then forward the rest to Splunk. This could help save on license issues.

You also have tools like Graylog. It can be fed from logstash also and is very impressive. ELK, as Keith mentioned, is awesome, as is a tool called ELSA.

Lots of ways to look at logs via the web. The harder part is knowing what you are looking for, field extraction and correlation.

On Tue, Nov 18, 2014 at 1:06 PM, Keith Keller <kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:

> On 2014-11-18, zep <zgreenfelder@xxxxxxxxx> wrote:
> > I would consider something like splunk (or more likely one of the
> > free alternatives) and a setup like:
>
> I have heard and seen great things about ELK: elasticsearch, logstash,
> and kibana. I saw it in action and it looked and behaved a lot like
> Splunk (and it's all open, so no licensing issues like Splunk).
>
> --keith
>
> --
> kkeller@xxxxxxxxxxxxxxxxxxxxxxxxxx
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
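
The rsyslog drop-then-forward setup suggested in the reply above, as an added example that is not part of the original thread. It assumes rsyslog v7 or later (RainerScript syntax); the file name, target host, port and the two drop filters are constructed placeholders.

```conf
# /etc/rsyslog.d/30-forward.conf  (hypothetical file name, constructed example)
# Assumes rsyslog v7+ RainerScript syntax.

# Spool directory used by the disk-assisted queue on the forwarding action.
global(workDirectory="/var/lib/rsyslog")

# 1. Drop what should never reach the indexer.
#    "stop" discards the message for every rule that follows, including
#    local file rules read after this file, so keep these filters narrow
#    and leave auth/authpriv messages alone.

# Debug-severity messages (severity 7): placeholder filter.
if $syslogseverity == 7 then stop

# Routine cron job start lines: placeholder filter.
if $programname == 'CROND' and $msg contains 'run-parts' then stop

# 2. Forward everything that survived the filters.
#    target and port are placeholders; they must match the syslog input
#    configured on the receiving side. The queue buffers messages to disk
#    while the receiver is unreachable instead of losing them, and
#    resumeRetryCount=-1 retries the connection indefinitely.
action(type="omfwd"
       target="logindexer.example.internal"
       port="514"
       protocol="tcp"
       queue.type="LinkedList"
       queue.filename="fwd_indexer"
       queue.maxDiskSpace="1g"
       queue.saveOnShutdown="on"
       action.resumeRetryCount="-1")
```

Running `rsyslogd -N1` checks the configuration for syntax errors before the service is restarted.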