Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Course Of The Month
10 days, 13 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
log aggregation server linux
Posted on 2014-02-25
hey guys i want to have a central log server, where all of the various logs from my devices go too. My servers, switches, firewalls, send all logs to this point and just collect. What is the best linux distro, or even unix, to faciliate manage this?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2
- +1
5 Comments
Active today
While the options of the software itself are plentiful - Zenoss, Logzilla, Splunk, AlienVault, Octopussy etc, the OS or distro choice would boil down to your level of expertise in Linux.
More apps can be found at http://www.infosecisland.com/blogview/12772-Open-Source-Log-Management-Tools-List.html
My preference would be Debian GNU for it's packaging and ease of use for me.
There's a live CD solution that you might want to look into just to get an idea: https://www.wzdftpd.net/redmine/projects/siem-live
More apps can be found at http://www.infosecisland.com/blogview/12772-Open-Source-Log-Management-Tools-List.html
My preference would be Debian GNU for it's packaging and ease of use for me.
There's a live CD solution that you might want to look into just to get an idea: https://www.wzdftpd.net/redmine/projects/siem-live
i know there were software options, i just recall hearing some Linux distros are optimized for log processing speed wise either via the file system or its structure somehow, but i couldn't remember which one
Active today
Here's a great writeup on how to select your distros: http://www.linuxinsider.com/story/79717.html
And, here's the distros list:http://distrowatch.com/
If you're looking for enterprise grade, I would recommend Fedora. If it's a small to medium enough infrastructure, Debian.
And, here's the distros list:http://distrowatch.com/
If you're looking for enterprise grade, I would recommend Fedora. If it's a small to medium enough infrastructure, Debian.
You can direct logs from all systems in your network to one centralized server in linux RHEL via syslogd daemon. Configuration changes are generally required on both client and server to achieve this.
https://access.redhat.com/site/solutions/2725
http://www.howtoforge.com/syslog-better-logging-tutorial
https://access.redhat.com/site/solutions/2725
http://www.howtoforge.com/syslog-better-logging-tutorial
Active today
the os does not matter much. (i like freebsd so i'm gonna advise freebsd, each and every one of us will advise our favorite os/dist)
the tool will be syslog or one of it's derivatives. most linuxes ship with ksyslogd or rsyslogd, freebsd has it's own version of the original syslogd
a log filesystem such as hammer might seem to be a good choice performance-wise
i personally would not go in that direction : what kind of volumes do you expect ? would that really exceed what a regular machine can do ?
if you're looking towards high performance writes, a good idea might be using zfs (on bsd or solaris) in simili-raid10 with as many disks as needed and possibly a tiny SSD for write cache (alias ZIL alias zpool log device)
----
also note that configuring remote logs in syslog does not guarantee the logs will be actually logged. your devices may buffer the logs for a little while but when the machine is down, the logs will be lost. likewise if the disks are not fast enough, syslog will throw the data away.
the tool will be syslog or one of it's derivatives. most linuxes ship with ksyslogd or rsyslogd, freebsd has it's own version of the original syslogd
i know there were software options, i just recall hearing some Linux distros are optimized for log processing speed wise either via the file system or its structure somehow, but i couldn't remember which one
a log filesystem such as hammer might seem to be a good choice performance-wise
i personally would not go in that direction : what kind of volumes do you expect ? would that really exceed what a regular machine can do ?
if you're looking towards high performance writes, a good idea might be using zfs (on bsd or solaris) in simili-raid10 with as many disks as needed and possibly a tiny SSD for write cache (alias ZIL alias zpool log device)
----
also note that configuring remote logs in syslog does not guarantee the logs will be actually logged. your devices may buffer the logs for a little while but when the machine is down, the logs will be lost. likewise if the disks are not fast enough, syslog will throw the data away.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
The purpose of this article is to demonstrate how we can upgrade Python from version 2.7.6 to Python 2.7.10 on the Linux Mint operating system. I am using an Oracle Virtual Box where I have installed Linux Mint operating system version 17.2. Once yo…
In the first part of this tutorial we will cover the prerequisites for installing SQL Server vNext on Linux.
Get a first impression of how PRTG looks and learn how it works. This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
- Linux
- Windows OS
- Networking
- Paessler
- Network Management
- Network Analysis, Network Operations
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month10 days, 13 hours left to enroll
628 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.