[TriLUG] Opinions sought: Log parsing tools, postfix particularly

Matt Pusateri via TriLUG trilug at trilug.org
Mon Jul 10 18:51:53 EDT 2017


ELK has that feeling to me that it’s just barely trying hard enough to remain open source, while having an agenda to go closed source or limited open source.  Their website gets harder and harder to navigate.

Matt P.


> On Jul 10, 2017, at 2:44 PM, Kristopher Kane via TriLUG <trilug at trilug.org> wrote:
> 
> Logstash (server side parser) + Elasticsearch (search + metrics) + Kibana
> (UI) =  ELK stack  is in use at my place.  These are all JVM based tools.
> Elasticsearch can be single node or scale out.  We have logs going in at
> 60k eps and searching from the same Elastic cluster. You can build these
> types of metric dashboards very easily in Kibana.
> 
> Lucidworks champions banana in place of Kibana for Solr.  Looks like there
> is a Solr output plugin for Logstash.  Like Elasticsearch, Solr can be
> single node or scale out.
> 
> You have to know a pretty good amount about Elasticsearch and/or Solr to
> get started.
> 
> Kris
> 
> On Mon, Jul 10, 2017 at 10:18 AM, vikram sai balaji ulaganathan via TriLUG <trilug at trilug.org> wrote:
> 
>> Some enterprises use Splunk. Not sure on how it works or cost. But this is
>> something we have heard many times.
>> 
>> On Jul 10, 2017 10:03 AM, "Brian via TriLUG" <trilug at trilug.org> wrote:
>> 
>> Hi Folks,
>> 
>> For a long time I've been using logwatch to give me daily synopses of my
>> server's activity.  These days, I'm finding I want more detail,
>> particularly as it applies to postfix rejections.  Right now I get a
>> logwatch digest that tells me, for example, the daily number of 4xx and 5xx
>> rejections that occur.  I'd like something that will let me optionally
>> drill down to details about individual rejects, without having to grep my
>> way through eye-crossing log files.  I could whip up something myself, but
>> there's gotta already be several mature options out there among which I
>> could choose.
>> 
>> Any suggestions?  A web interface would be ideal; RDBMS back-end (ideally
>> MySQL) a plus.
>> 
>> I am JFG-ing-I, but I'm interested in usage anecdotes.
>> 
>> Thanks,
>> -Brian
