#format wiki
#language en
= Logging for Linux servers =
 * How to gather syslog and application logs.
 * Links: [[Nexus/Logging]], [[cisco/Logging]]

 * 2017 - the default syslog one text line logs is bad, hard to parse reliably and hard to combine with other logs.
   * move logging to JSON records.
   * http://www.rsyslog.com/tag/all-json/   rsyslog can send logs in JSON to another party over the network.

 * rsyslog can be used to centralize logs, and then forward them as JSON documents to an elastic search instance.
   * check config with $ rsyslogd -N1

...
----
CategoryLogging