[TriLUG] centralized logging
josh_johnson at unc.edu
Wed Jan 13 09:22:24 EST 2010
I want to collect various server logs into a centralized place. What's
the best way to do this? What should I keep in mind when migrating to
a centralized logging infrastructure?
I've been looking at syslog-ng and rsyslogd. I've got a combination of
RHEL 5 and Ubuntu machines.
The primary reason why I need this is because I've got SAN hardware
that will send syslog messages over the SAN network when drives are
getting close to failure or have failed (the docs say I can get a
fairly early warning).
I'm also going to deploy some web applications that generate lots of
logs and will need to be periodically checked to extract usage
statistics and diagnose usability issues.
More information about the TriLUG