On Thu, 11 Sep 2014, Yves Dorfsman wrote:
On 2014-09-10 22:26, David Lang wrote:
How many different logs are you talking about?
It depends on the server, apps server can have a dozen logs + the regular
system logs.
Do you have another method of getting the logs other than scraping the files?
No, I thought graylog2 would come with its own mechanism.
Do these logs have any unusual features (extremely long lines, multi-line log
messages, etc)
Do the files rotate by date, or with the 'standard' approach of mv the old
file and re-open it?
Mostly logrotate, some of them by date, some with a combination of date/size.
I have seen logstash mentioned, but picture people sending files to the
logstash server which would then forward them to graylog2... if the logstash
forwarder can send files directly to the graylog2 server, then that will
probably be the simplest solution.
logstash does have mechanisms to scrape files to send them to a log server. This
really is a simple task (the syslog UDP protocol is _really_ simple).
Unfortunantly a lot of existing tools have a hard-coded 1k size limitation,
but writing something to beat that is pretty simple.
David Lang
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
