Date: Mon, 7 Aug 2017 12:51:34 +0300
From: "bsd@todoo.biz" <bsd@todoo.biz>
To: freebsd-questions@freebsd.org
Subject: Re: log centralizer?
Message-ID: <74C48CD7-1DFD-49A9-AEE5-2FB9DC87F48F@todoo.biz>
In-Reply-To: <1502086823.5923.150.camel@pki2.com>
References: <CACcSE1xP0c8yA44LLwTfX2nWWBqJf=VEgR07TbqmZwKTaLCd%2Bw@mail.gmail.com> <1502086823.5923.150.camel@pki2.com>

You should have a look at Graylog.
Very nice open-source project.

https://github.com/Graylog2

#########################
gregory.bernard@todoo.biz
Tel : +33 6 15 38 84 38
#########################

> On 7 Aug 2017, at 09:20, Dennis Glatting <dg@pki2.com> wrote:
>
>> On Sun, 2017-08-06 at 22:39 -0700, Aleksandr Miroslav wrote:
>> I'm looking for a mechanism to collect and store all logs into a
>> centralized location. I'm not looking for a fancy graphical interface
>> (a la Splunk) to search those logs just yet, just collecting them on
>> a centralized server is fine for the moment.
>>
>> Is there something available in ports/base that I can use for this
>> purpose? I took a quick look at ELK, it seems overly complicated, but
>> I've never used it.
>
>
> The simple approach is to have a central MySQL database fed from
> rsyslog across the servers of interest. Custom devices, such as HVAC,
> could point to a rsyslog server which then feeds the database.
>
> Periodically run scripts against the database to generate summary
> information, build firewall rule sets, and for maintenance.
>
> For weird things, such as netflow off the switches and routers,
> forward the flows to a server, parse it, and then stuff it into the
> database.
>
> You can also create multi-master databases in case one goes offline or
> local optimization. I was looking at Cassandra for multi-master.
>
>
>
>> _______________________________________________
>> freebsd-questions@freebsd.org mailing list
>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
> --
> Dennis Glatting
> Numbers Skeptic
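
The rsyslog-to-MySQL layout described in the quoted reply, sketched as an added example that is not part of the original thread or written by any of its participants. Host names, certificate paths, the work directory, the database name and the credentials are placeholders; carrying the logs over TLS on port 6514 is an added assumption the thread does not mention, and the `Syslog` database is assumed to have been created with the schema shipped with rsyslog's ommysql module.

```conf
# Added example: every host name, path and credential here is a placeholder.

##### On each client: append to the existing rsyslog.conf #####
global(
  workDirectory="/var/spool/rsyslog"          # needed for disk-assisted queues
  DefaultNetstreamDriver="gtls"
  DefaultNetstreamDriverCAFile="/usr/local/etc/ssl/log-ca.pem"
  DefaultNetstreamDriverCertFile="/usr/local/etc/ssl/client-cert.pem"
  DefaultNetstreamDriverKeyFile="/usr/local/etc/ssl/client-key.pem"
)
# Forward all messages over TLS and check the collector's certificate name.
# The queue buffers messages to disk while the collector is unreachable,
# so an outage does not silently drop log lines.
action(type="omfwd" target="loghost.example.org" port="6514" protocol="tcp"
       StreamDriver="gtls" StreamDriverMode="1"
       StreamDriverAuthMode="x509/name"
       StreamDriverPermittedPeers="loghost.example.org"
       queue.type="LinkedList" queue.filename="fwd_loghost"
       queue.maxDiskSpace="1g" queue.saveOnShutdown="on"
       action.resumeRetryCount="-1")

##### On the central server: rsyslog.conf #####
global(
  workDirectory="/var/spool/rsyslog"
  DefaultNetstreamDriver="gtls"
  DefaultNetstreamDriverCAFile="/usr/local/etc/ssl/log-ca.pem"
  DefaultNetstreamDriverCertFile="/usr/local/etc/ssl/loghost-cert.pem"
  DefaultNetstreamDriverKeyFile="/usr/local/etc/ssl/loghost-key.pem"
)
# Accept TLS connections only from peers whose certificate matches.
module(load="imtcp" StreamDriver.Name="gtls" StreamDriver.Mode="1"
       StreamDriver.AuthMode="x509/name" PermittedPeer=["*.example.org"])
module(load="ommysql")
input(type="imtcp" port="6514" ruleset="remote")

# Remote messages go to MySQL through an account that should hold
# INSERT rights only; the queue absorbs short database outages.
ruleset(name="remote") {
  action(type="ommysql" server="127.0.0.1" db="Syslog"
         uid="rsyslog_writer" pwd="CHANGE_ME"
         queue.type="LinkedList" queue.filename="to_mysql"
         queue.saveOnShutdown="on" action.resumeRetryCount="-1")
}
```

Devices that can only send plain syslog would need a separate, network-restricted input on the collector.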