Centralized log archiving with Logstash

In Full View

Article from Issue 151/2013

When something goes wrong on a system, the logfile is the first place to look for troubleshooting clues. Logstash, a log server with built-in analysis tools, consolidates logs from many servers and even makes the data searchable.

If anything goes wrong on an enterprise network, the admin has to find and fix the problem quickly. Finding the information typically isn’t a problem – most IT systems produce a steady flow of system log entries and error messages – but evaluating this information correctly in complex networks with many devices, systems, and servers is often easier said than done.

One problem is the amount of information produced. On the one hand, a tool like the Pacemaker Cluster Manager is particularly verbose, producing many times the output needed. With Apache, on the other hand, data can end up going too many places if the admin sets it up to log each virtual host separately. On web servers that serve many customers, a vast number of logfiles accumulate, which means that debugging specific problems for an individual user can be an endless task.

