Logging for Linux servers
- How to gather syslog and application logs.
- 2017 - the default syslog format, one line of text per log entry, is bad: hard to parse reliably and hard to combine with other logs.
- move logging to JSON records.
- rsyslog can send logs in JSON to another party over the network: http://www.rsyslog.com/tag/all-json/
- rsyslog can be used to centralize logs, and then forward them as JSON documents to an Elasticsearch instance.
- check config with $ rsyslogd -N1
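
A central-host configuration for the setup described above, as an added example that is not part of the original notes: it receives syslog over TCP, renders each message as one JSON document and sends it to Elasticsearch. The file name, host names, index name and queue size are assumptions.

```conf
# /etc/rsyslog.d/60-json-elasticsearch.conf   (file name is an assumption)
# Central log host: receive syslog over TCP, ship each message to
# Elasticsearch as one JSON document.

# TCP syslog listener and Elasticsearch output (the latter is usually
# packaged separately from the rsyslog base package).
module(load="imtcp")
module(load="omelasticsearch")

# Plain TCP: keep this on a trusted network segment, or switch the
# listener to rsyslog's TLS stream driver.
input(type="imtcp" port="514")

# One JSON object per message. format="json" escapes quotes, backslashes
# and control characters, so sender-controlled fields (host, tag, msg)
# cannot break out of their string and forge extra fields or records.
template(name="json-record" type="list") {
    constant(value="{")
    constant(value="\"@timestamp\":\"")  property(name="timereported" dateFormat="rfc3339")
    constant(value="\",\"host\":\"")     property(name="hostname" format="json")
    constant(value="\",\"severity\":\"") property(name="syslogseverity-text")
    constant(value="\",\"facility\":\"") property(name="syslogfacility-text")
    constant(value="\",\"tag\":\"")      property(name="syslogtag" format="json")
    constant(value="\",\"message\":\"")  property(name="msg" format="json")
    constant(value="\"}")
}

# Daily index name, e.g. syslog-2017.06.01 (naming scheme is an assumption)
template(name="daily-index" type="string" string="syslog-%$YEAR%.%$MONTH%.%$DAY%")

# server is a placeholder. The in-memory queue buffers messages while
# Elasticsearch is unreachable; resumeRetryCount="-1" retries forever
# instead of discarding.
action(type="omelasticsearch"
       server="es.example.internal"
       serverport="9200"
       template="json-record"
       searchIndex="daily-index"
       dynSearchIndex="on"
       bulkmode="on"
       queue.type="linkedlist"
       queue.size="10000"
       action.resumeRetryCount="-1")

# On each client, in its own rsyslog config (target is a placeholder):
# *.* action(type="omfwd" target="logs.example.internal" port="514" protocol="tcp")
```

Run rsyslogd -N1 after dropping the file in place; it reports template and module errors without starting the daemon.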