From: "bsd@todoo.biz"
Date: Mon, 7 Aug 2017 12:51:34 +0300
Subject: Re: log centralizer?
To: freebsd-questions@freebsd.org

You should have a look at graylog.
Very nice open source project:
https://github.com/Graylog2

#########################
gregory.bernard@todoo.biz
Tel : +33 6 15 38 84 38
#########################

> On 7 Aug 2017, at 09:20, Dennis Glatting wrote:
>
>> On Sun, 2017-08-06 at 22:39 -0700, Aleksandr Miroslav wrote:
>> I'm looking for a mechanism to collect and store all logs into a
>> centralized location. I'm not looking for a fancy graphical interface
>> (a la Splunk) to search those logs just yet, just collecting them on a
>> centralized server is fine for the moment.
>>
>> Is there something available in ports/base that I can use for this
>> purpose? I took a quick look at ELK, it seems overly complicated, but
>> I've never used it.
>
> The simple approach is to have a central MySQL database fed from
> rsyslog across the servers of interest. Custom devices, such as HVAC,
> could point to a rsyslog server which then feeds the database.
>
> Periodically run scripts against the database to generate summary
> information, build firewall rule sets, and for maintenance.
>
> For weird things, such as netflow off the switches and routers,
> forward the flows to a server, parse it, and then stuff it into the
> database.
>
> You can also create multi-master databases in case one goes offline or
> local optimization. I was looking at Cassandra for multi-master.
>
>> _______________________________________________
>> freebsd-questions@freebsd.org mailing list
>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
>> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
> --
> Dennis Glatting
> Numbers Skeptic
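
The "periodically run scripts against the database" step from the quoted reply, as an added example that is not part of the original thread: a summary of failed SSH logins per source address across all hosts feeding the central store. Assumptions: the table is modeled on `SystemEvents` from rsyslog's stock MySQL schema, cut down to three columns; in-memory `sqlite3` stands in for MySQL so the script runs offline; the rows, the threshold and the function names are constructed for illustration.

```python
import re
import sqlite3
from collections import Counter

# Constructed sample rows (FromHost, SysLogTag, Message). Addresses come from
# the RFC 5737 documentation ranges.
SAMPLE_ROWS = [
    ("web1", "sshd[811]:", "Failed password for root from 203.0.113.7 port 4022 ssh2"),
    ("web1", "sshd[812]:", "Failed password for invalid user admin from 203.0.113.7 port 4023 ssh2"),
    ("db1", "sshd[90]:", "Failed password for root from 203.0.113.7 port 4100 ssh2"),
    ("db1", "sshd[91]:", "Accepted publickey for ops from 198.51.100.4 port 5111 ssh2"),
    ("web1", "sshd[813]:", "Failed password for bob from 198.51.100.9 port 6000 ssh2"),
    ("hvac1", "ctrl:", "setpoint changed to 21C"),
]

# sshd logs both "for <user>" and "for invalid user <user>" on a bad password.
FAILED = re.compile(
    r"Failed password for (?:invalid user )?\S+ from (\d{1,3}(?:\.\d{1,3}){3}) "
)

def demo_connection():
    """Build the stand-in central database and load the sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE SystemEvents ("
        "ID INTEGER PRIMARY KEY, FromHost TEXT, SysLogTag TEXT, Message TEXT)"
    )
    conn.executemany(
        "INSERT INTO SystemEvents (FromHost, SysLogTag, Message) VALUES (?, ?, ?)",
        SAMPLE_ROWS,
    )
    return conn

def failed_logins_by_source(conn):
    """Return (failure count per source IP, set of reporting hosts per IP)."""
    counts, hosts = Counter(), {}
    query = "SELECT FromHost, Message FROM SystemEvents WHERE SysLogTag LIKE 'sshd%'"
    for host, message in conn.execute(query):
        match = FAILED.search(message)
        if match:
            counts[match.group(1)] += 1
            hosts.setdefault(match.group(1), set()).add(host)
    return counts, hosts

def block_candidates(conn, threshold=3):
    """Source IPs at or above the failure threshold, for review before blocking."""
    counts, _ = failed_logins_by_source(conn)
    return sorted(ip for ip, n in counts.items() if n >= threshold)
```

Because every host reports into one table, the address that failed twice on `web1` and once on `db1` crosses the threshold, which per-host log files would not show.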