Syslog-Ng
I’m using unbound(8) on OpenBSD to block Ads . In the logs, I can see which domains were queried and blocked ; but I like to have a more graphical overview of whats happening over weeks. So I stole a few ideas from the Pi-Hole Web Interface , routed the logs to InfluxDB via syslog-ng and rendered statistics using Grafana.Continue reading...
I’ve used Elasticsearch on OpenBSD to store my system logs for quite long now. And if it does the job, there are a few things I don’t like so much with it.
I only used a single instance so I was warned about availability. But a sudden power outage had severe impact on my daily data. Way much more than what I expected from a Production-ready software. Rebuilding and re-indexing the data was a real pain in the ass. From time to time, I also get errors about indexing that seem to go away without doing nothing.
The latter is probably due to my low memory server. But I want to store logs for only a couple of boxes. And I don’t want to reserve 4GB of RAM just for this. This “gimme more RAM” manner really annoys me. And as I also need RAM for Logstash (to parse the data and send them to Elasticsearch), this leads to way too much resources consumption.
That said, I decided to test another way for storing the logs : using a RDBMS, namely MariaDB. I already have one running smooth. And I read Grafana was able to read data from it using SQL commands.Continue reading...
Logs are for program what speech is to human.
People says what’s wrong (most of the time ;), program log it.
Here’s how I use syslog-ng to get a central syslog system.Continue reading...