Graylog - an easy solution for log management

Recently, I was researching for opensource log management tools. I had only two requirements. Log Search and Log analytics. A lot of posts in the internet suggested me to use an ELK stack. But, I wanted to do something different. I found graylog as an alternative to ELK. One can setup and run it in minutes. It uses mongodb, elastic search and graylog server.
Here is the login page:


grylog provides different options to stream logs into graylog server. I used the simple UDP listener and forwarded logs from multiple devices into this listener.
Next step is to create dashboards using the search. Here is the search page:

Once search is done, you can add the widgets to a dashboard. The dashboard will help you to get the summary of your devices at one shot. It is also possible to generate alerts on different conditions.

More here:
https://www.graylog.org/

Comments

Post a Comment

Popular posts from this blog

HPUX Tips

1. HOW MANY BITS? HP-UX counterpart for finding on which mode you are currently working (32-bit or 64-bit): getconf KERNEL_BITS 2. The locale info will be present in /usr/lib/nls/README.nls.10.01 3. Profiling programs - use prof (acc -p) Profiling C++ programs Use gprof aCC -G Programs should not be compiled with the -G option to profile Shared Libraries. To profile a shared library: Set LD_PROFILE=Sharelibpath eg: LD_PROFILE=/opt/OV/lib/libOvCoda.sl Set the env. variable GPROFDIR The profiled output file will be present in ${GPROFDIR} 4. To Copy sw depots from a remote system Use the following command to Copy the depot: swcopy -s @ localsystem:/ eg: swcopy -s dumpy.abc.com:/swdist/IPF/OpenSource @ ramki.abc.com:/ramki 5. To install a software from a remote machine swinstall -s Example: swinstall -s ramki.abc.com:/home/ramki/add_to_be/11.00/aCC.3.37.01.depot You can list one of the entries
Read more