log centralizer?

Dennis Glatting dg at pki2.com
Mon Aug 7 06:20:29 UTC 2017


On Sun, 2017-08-06 at 22:39 -0700, Aleksandr Miroslav wrote:
> I'm looking for a mechanism to collect and store all logs into a
> centralized location. I'm not looking for a fancy graphical interface
> (a la Splunk) to search those logs just yet, just collecting them on a
> centralized server is fine for the moment.
> 
> Is there something available in ports/base that I can use for this
> purpose? I took a quick look at ELK, it seems overly complicated, but
> I've never used it.


The simple approach is to have a central MySQL database fed from
rsyslog across the servers of interest. Custom devices, such as HVAC,
could point to an rsyslog server which then feeds the database.

Periodically run scripts against the database to generate summary
information, build firewall rule sets, and for maintenance.

For weird things, such as netflow off the switches and routers, 
forward the flows to a server, parse it, and then stuff it into the
database.

You can also create multi-master databases in case one goes offline or
for local optimization. I was looking at Cassandra for multi-master.



> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
-- 
Dennis Glatting
Numbers Skeptic


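The pipeline Dennis describes (rsyslog feeding a database, periodic scripts querying it to build firewall rule sets) as a small worked example. This is added here and is not code from the reply, from rsyslog or from FreeBSD: it parses constructed RFC 3164 syslog lines, stores them in an SQLite table standing in for the MySQL database, then queries the store for repeated SSH failures and emits a pf table. The table name "bruteforce", the failure threshold and the "never block" networks are assumptions for illustration.

```python
"""Toy log centralizer: parse RFC 3164 syslog lines, store them in a
database, then query the store to build a pf blocklist.
Added example for the mailing-list reply above, not rsyslog or FreeBSD code.
sqlite3 stands in for the MySQL database the reply describes."""
import ipaddress
import re
import sqlite3

# Constructed sample lines in the BSD syslog (RFC 3164) format rsyslog relays.
SAMPLE_LOGS = """\
Aug  7 06:01:12 www1 sshd[8123]: Failed password for root from 203.0.113.7 port 51022 ssh2
Aug  7 06:01:15 www1 sshd[8123]: Failed password for root from 203.0.113.7 port 51023 ssh2
Aug  7 06:01:19 www1 sshd[8131]: Failed password for invalid user admin from 203.0.113.7 port 51030 ssh2
Aug  7 06:02:01 db1 sshd[4410]: Accepted publickey for dg from 198.51.100.5 port 40212 ssh2
Aug  7 06:02:40 hvac1 sshd[77]: Failed password for admin from 198.51.100.9 port 3333 ssh2
Aug  7 06:03:00 www1 sshd[8140]: Failed password for root from 198.51.100.9 port 3344 ssh2
Aug  7 06:03:05 www1 sshd[8141]: Failed password for root from 203.0.113.7 port 51100 ssh2
Aug  7 06:03:09 www1 sshd[8142]: Failed password for root from not.an.ip port 1 ssh2
Aug  7 06:04:00 www1 cron[900]: (root) CMD (/usr/libexec/atrun)
"""

# RFC 3164 header: "Mmm dd hh:mm:ss host tag[pid]: message"
SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) "
    r"(?P<tag>[^\[:]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<msg>.*)$"
)
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+")

# Assumed site policy: addresses that must never end up in a block rule,
# so a forged log line cannot lock out loopback or the internal networks.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_line(line):
    """Split one syslog line into its header fields; None if it does not parse."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["pid"] = int(rec["pid"]) if rec["pid"] else None
    return rec


def open_store(path=":memory:"):
    """Open the log database and create the table rsyslog would feed."""
    conn = sqlite3.connect(path)
    conn.execute("""CREATE TABLE IF NOT EXISTS syslog (
        id INTEGER PRIMARY KEY, ts TEXT, host TEXT, tag TEXT, pid INTEGER, msg TEXT)""")
    conn.execute("CREATE INDEX IF NOT EXISTS syslog_tag ON syslog(tag)")
    return conn


def ingest(conn, text):
    """Store every parseable line; returns the number of rows inserted."""
    rows = [(r["ts"], r["host"], r["tag"], r["pid"], r["msg"])
            for r in map(parse_line, text.splitlines()) if r]
    # Parameterised insert: log content never becomes part of the SQL text.
    conn.executemany(
        "INSERT INTO syslog (ts, host, tag, pid, msg) VALUES (?, ?, ?, ?, ?)", rows)
    conn.commit()
    return len(rows)


def failed_ssh_by_source(conn, threshold):
    """Periodic summary query: source addresses with >= threshold SSH failures."""
    counts = {}
    for (msg,) in conn.execute("SELECT msg FROM syslog WHERE tag = 'sshd'"):
        m = FAILED_RE.search(msg)
        if not m:
            continue
        # The 'from' field is attacker-controlled text; only a syntactically
        # valid address outside the never-block list may become a rule.
        try:
            ip = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue
        if ip.is_loopback or ip.is_link_local or ip.is_multicast \
                or any(ip in net for net in NEVER_BLOCK):
            continue
        counts[str(ip)] = counts.get(str(ip), 0) + 1
    return sorted(ip for ip, n in counts.items() if n >= threshold)


def pf_blocklist(ips, table="bruteforce"):
    """Render the addresses as a pf table plus a rule that uses it."""
    members = " { %s }" % ", ".join(ips) if ips else ""
    return "table <%s> persist%s\nblock in quick from <%s>" % (table, members, table)


def build_blocklist(text, threshold=3):
    """Whole pipeline: ingest, summarise, render the rule set."""
    conn = open_store()
    ingest(conn, text)
    return pf_blocklist(failed_ssh_by_source(conn, threshold))


if __name__ == "__main__":
    print(build_blocklist(SAMPLE_LOGS))
```

Two things the reply leaves implicit are worth spelling out. First, because log content is turned into firewall rules, the script treats the address in each line as untrusted: it must parse as an IP and must fall outside the loopback and internal ranges, otherwise a single forged line could knock out management access. Second, plain UDP syslog is unauthenticated, so anything on the network can inject lines into the central store; forward from the clients over TCP with rsyslog's TLS support rather than UDP, and keep the database account rsyslog uses limited to INSERT on the log table.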