What means are there to collect logs centrally?
I have heard and read about logstash, graylog2, splunk, zenoss and other systems.
I don't know what to lean towards. I would like to hear the opinions and feedback of people who use these (and alternative) systems for centralized storage and viewing / visualization of logs.
From the brutal options (setup by manual configuration, logs stored in files) I can recommend syslog-ng, rsyslog, scribe.
*scribe - works unstably with logs of more than 5GB per day (from one host)
*syslog-ng - blocking socket, so redirecting directly from nginx is not worthwhile
*rsyslog - I can't say anything bad.
In general, graylog2 is highly praised by many.
We have been using graylog2 on all projects since the summer of 2011. It has been running excellently.
I installed logstash + kibana on one project, it seems to be okay too :)
I have used both graylog2 and logstash + kibana; so far little joy. Reportedly they didn't sag; the average account was 1600 for graylog and 600 for logstash. The comrade convinced me that syslog-ng + mysql is cooler, though it's easier for me to receive, store and show with ES in JSON; for now I'm thinking in the direction of logstash + a custom replacement for kibana, or attaching graylog2 to this setup (if it is still being written at all).
rsyslog is a decent option: it configures well and handles the load fine too.