From owner-freebsd-questions@freebsd.org Mon Aug 7 15:09:03 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 10F05DD87F9 for ; Mon, 7 Aug 2017 15:09:03 +0000 (UTC) (envelope-from markham@ssimicro.com) Received: from barracuda.ssimicro.com (barracuda.ssimicro.com [96.46.39.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.ssimicro.com", Issuer "RapidSSL SHA256 CA - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D0DC56FBBA for ; Mon, 7 Aug 2017 15:09:02 +0000 (UTC) (envelope-from markham@ssimicro.com) X-ASG-Debug-ID: 1502118533-08e7176ddf4de080001-jLrpzn Received: from mail.ssimicro.com (mail.ssimicro.com [64.247.129.10]) by barracuda.ssimicro.com with ESMTP id 9Odbog1B35wbUtTy (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Mon, 07 Aug 2017 11:08:54 -0400 (EDT) X-Barracuda-Envelope-From: markham@ssimicro.com X-Barracuda-Effective-Source-IP: mail.ssimicro.com[64.247.129.10] X-Barracuda-Apparent-Source-IP: 64.247.129.10 Received: from Markhams-MBP.lan (64-247-138-144.ssimicro.com [64.247.138.144]) (authenticated bits=0) by mail.ssimicro.com (8.15.2/8.15.2) with ESMTPSA id v77F8pEM003761 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT) for ; Mon, 7 Aug 2017 09:08:53 -0600 (MDT) (envelope-from markham@ssimicro.com) X-Authentication-Warning: mail.ssimicro.com: Host 64-247-138-144.ssimicro.com [64.247.138.144] claimed to be Markhams-MBP.lan Subject: Re: log centralizer? To: freebsd-questions@freebsd.org X-ASG-Orig-Subj: Re: log centralizer? References: From: markham breitbach Message-ID: <9f579c0e-c894-33f3-9c44-bab2eb42850b@ssimicro.com> Date: Mon, 7 Aug 2017 09:08:51 -0600 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Thunderbird/52.2.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Content-Language: en-US X-Barracuda-Connect: mail.ssimicro.com[64.247.129.10] X-Barracuda-Start-Time: 1502118533 X-Barracuda-Encrypted: ECDHE-RSA-AES256-GCM-SHA384 X-Barracuda-URL: https://barracuda.ssimicro.com:443/cgi-mod/mark.cgi X-Barracuda-Scan-Msg-Size: 1080 X-Virus-Scanned: by bsmtpd at ssimicro.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.41723 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Aug 2017 15:09:03 -0000 If all you want to do is collect the logs and you are fine with the CLI, there is no reason you can't do this with BSD syslog.=20 Depending on how you want to organize your logs, you may want to look at rsyslog or syslog-ng for some more powerful filtering rules. Splunk is so much more than just a fancy graphical interface though! -Markham On 2017-08-06 11:39 PM, Aleksandr Miroslav wrote: > I'm looking for a mechanism to collect and store all logs into a > centralized location. I'm not looking for a fancy graphical interface > (a la Splunk) to search those logs just yet, just collecting them on a > centralized server is fine for the moment. > > Is there something available in ports/base that I can use for this > purpose? I took a quick look at ELK, it seems overly complicated, but > iIve never used it. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd= =2Eorg"