[plug] network log reporting
Adrian Woodley
Adrian at Diskworld.com.au
Wed Jun 22 18:21:31 WST 2011
Most syslog packages, including rsyslog which is the default on Ubuntu,
will do logging via TCP/UDP.
On your receiving box, edit /etc/rsyslog.conf and uncomment:
$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514
On your log generating boxes, create /etc/rsyslog.d/10-remote:
*.* @@<ip.of.log.server>:514;SyslFormat
From there you could use something like Splunk (htp://www.splunk.com/)
to interrogate and display your logs. (I believe there's a free version,
with a volume limit on the amount of logs to be processed a day).
Patrick Coleman knows heaps about Splunk and will probably jump on here
shortly to evangelise it.
I've also come across Adiscon Log Analyzer
(http://loganalyzer.adiscon.com/), while looking on the rsyslog.com
page. I haven't used it, but the demo page looks interesting. It also
has a free download.
If you give either of these products a go, let us know how you get on
and what you think.
Cheers,
Adrian
On 06/22/2011 05:20 PM, wolfbite wrote:
> be gentle with me and dont make my head hurt too much :)
>
> I have multiple computers connected to my network
> I've setup a OLD computer and screen to be an information computer
> (computer & screen perm on)
>
> I currently have it running with
> ubuntu maverick
> xorg openbox
> conky clock
> conky wearther
> conky googlecalendar (love conky :)
>
> looking at displaying syslog & such from multiple computers (local
> already ok)
>
> what I want is a SIMPLE :) system where I can send syslogs or other
> data from any computer to monitor computer.
> I dont want the info going external (ie out via isp then back,
> security &spam reasons)
> but I would like to keep it simple without maintaining a full blown
> mail server etc.
>
> seems like theres LOTS of ways but seem quit convoluted
> looked at offlineimap, postfix, exim, etc and my brain is glazing over
>
> any pointing into the right direction appreciated
>
> Thanks
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://lists.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
More information about the plug
mailing list