Date: Sun, 06 Aug 2017 23:20:23 -0700
From: Dennis Glatting <dg@pki2.com>
To: Aleksandr Miroslav <alexmiroslav@gmail.com>, freebsd-questions@freebsd.org
Subject: Re: log centralizer?
Message-ID: <1502086823.5923.150.camel@pki2.com>
In-Reply-To: <CACcSE1xP0c8yA44LLwTfX2nWWBqJf=VEgR07TbqmZwKTaLCd%2Bw@mail.gmail.com>
References: <CACcSE1xP0c8yA44LLwTfX2nWWBqJf=VEgR07TbqmZwKTaLCd%2Bw@mail.gmail.com>

On Sun, 2017-08-06 at 22:39 -0700, Aleksandr Miroslav wrote:
> I'm looking for a mechanism to collect and store all logs into a
> centralized location. I'm not looking for a fancy graphical interface
> (a la Splunk) to search those logs just yet, just collecting them on a
> centralized server is fine for the moment.
>
> Is there something available in ports/base that I can use for this
> purpose? I took a quick look at ELK, it seems overly complicated, but
> I've never used it.

The simple approach is to have a central MySQL database fed from
rsyslog across the servers of interest. Custom devices, such as HVAC,
could point to an rsyslog server which then feeds the database.
Periodically run scripts against the database to generate summary
information, build firewall rule sets, and for maintenance.

For weird things, such as netflow off the switches and routers, forward
the flows to a server, parse it, and then stuff it into the database.

You can also create multi-master databases in case one goes offline or
for local optimization. I was looking at Cassandra for multi-master.

-- 
Dennis Glatting
Numbers Skeptic
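
An added example, not part of the original message: one way the "periodically run scripts against the database ... build firewall rule sets" step could look, summarising failed sshd logins per source address and rendering a block list. Assumptions: the column names follow the SystemEvents table of rsyslog's stock MySQL schema, an in-memory SQLite database stands in for the central MySQL server, the output is a pf table file, and every row is constructed sample data.

```python
import ipaddress
import re
import sqlite3

# Constructed sample rows (documentation address ranges), not real log data.
# Columns: a subset of the SystemEvents table in rsyslog's stock MySQL schema.
SAMPLE_ROWS = [
    ("2017-08-05 09:00:00", "web1", "sshd[700]:", " Failed password for root from 198.51.100.23 port 50000 ssh2"),
    ("2017-08-06 22:01:10", "web1", "sshd[811]:", " Failed password for root from 203.0.113.7 port 40112 ssh2"),
    ("2017-08-06 22:01:14", "db1", "sshd[412]:", " Failed password for invalid user admin from 203.0.113.7 port 40150 ssh2"),
    # The user name is client-supplied text and may itself contain "from <addr>".
    ("2017-08-06 22:01:19", "db1", "sshd[413]:", " Failed password for invalid user x from 192.0.2.99 port 1 ssh2 from 203.0.113.7 port 40151 ssh2"),
] + [("2017-08-06 22:05:00", "web1", "sshd[820]:", " Failed password for ops from 192.0.2.10 port 51000 ssh2")] * 3

# Anchor on the end of the line: the greedy ".*" absorbs whatever the user name holds.
FAILED = re.compile(r"Failed password for (?:invalid user )?.* from (\S+) port \d+ ssh2$")

def load_sample_db():
    """In-memory SQLite stand-in for the central MySQL database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE SystemEvents (ReceivedAt TEXT, FromHost TEXT, SysLogTag TEXT, Message TEXT)")
    db.executemany("INSERT INTO SystemEvents VALUES (?, ?, ?, ?)", SAMPLE_ROWS)
    return db

def failed_logins(db, since):
    """Map source address -> (failure count, hosts that reported it) since `since`."""
    rows = db.execute("SELECT FromHost, Message FROM SystemEvents "
                      "WHERE SysLogTag LIKE 'sshd%' AND ReceivedAt >= ?", (since,))
    summary = {}
    for host, message in rows:
        m = FAILED.search(message.strip())
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # not an address: never copy raw log text into a rule set
        count, hosts = summary.get(ip, (0, set()))
        summary[ip] = (count + 1, hosts | {host})
    return summary

def pf_table(summary, threshold=3, allowlist=()):
    """Render addresses at or over the threshold, one per line, as a pf table file."""
    allowed = [ipaddress.ip_network(n) for n in allowlist]
    block = [ip for ip, (count, _) in summary.items()
             if count >= threshold and not any(ip in net for net in allowed)]
    return "".join(f"{ip}\n" for ip in sorted(block, key=lambda ip: (ip.version, ip)))

if __name__ == "__main__":
    print(pf_table(failed_logins(load_sample_db(), "2017-08-06 00:00:00"), allowlist=["192.0.2.0/24"]), end="")
```

The allowlist keeps management networks out of the generated table, so a burst of mistyped passwords from an administrator's own range cannot lock the operators out.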