541
Comment:
|
582
|
Deletions are marked like this. | Additions are marked like this. |
Line 7: | Line 7: |
* 2017 - the default syslog one textline logs is bad, hard to parse reliably and hard to combine with other logs. | * 2017 - the default syslog one text line logs is bad, hard to parse reliably and hard to combine with other logs. |
Line 11: | Line 11: |
* rsyslog can be used to centralise logs, and then forward them as JSON documents to a elastic search instance. | * rsyslog can be used to centralize logs, and then forward them as JSON documents to an elastic search instance. * check config with $ rsyslogd -N1 |
Logging for Linux servers
- How to gather syslog and application logs.
Links: Nexus/Logging, cisco/Logging
- 2017 - the default syslog one text line logs is bad, hard to parse reliably and hard to combine with other logs.
- move logging to JSON records.
http://www.rsyslog.com/tag/all-json/ rsyslog can send logs in JSON to another party over the network.
- rsyslog can be used to centralize logs, and then forward them as JSON documents to an elastic search instance.
- check config with $ rsyslogd -N1
...