0

Scenario... Load balanced webfarm with several Apache/Tomcat machines crunching the requests.

Developers need access to the catalina.out file. Naturally this is different on all machines.

What method/logic/tactic would you use/suggest in such a situation? Unfortunately reconfiguring tomcat to shoot catalina.out on an NFS export is not an option.

Do you know of any cute web front ends to logfile directories? :)

EEAA
  • 108,414
  • 18
  • 172
  • 242
CMag
  • 687
  • 2
  • 11
  • 31

2 Answers2

2

I've used Graylog for this before:

http://graylog2.org/

It provides a nice web interface that is intuitive and it was really simple to setup. We have since outgrown the built-in functionality of Graylog and are using Splunk (mentioned in the answer @quanta linked). It provides a much nicer front-end and lets you build reports and alerts so you can get notified about certain conditions based on very extensive criteria.

polynomial
  • 3,968
  • 13
  • 24
  • HOT , How scalable is graylog? – CMag Oct 07 '11 at 16:59
  • It doesn't really support distributed backends so its fairly limited, but you can do hundreds of millions of events in a single system pretty easily. – polynomial Oct 08 '11 at 19:35
  • What if you have a centralized rsyslog server... can you push all your logs form rsyslog -> graylog? :) That way not modifying all systems, but adding on graylog? – CMag Oct 11 '11 at 17:16
  • 1
    Yeah, that way works really nicely and it makes it easier to change solutions if you need to later (and lets old school dudes use grep if they really want to). – polynomial Oct 12 '11 at 00:52
  • THANK YOU ! I will implement today and see what happens :) Will stress test and revert :) – CMag Oct 17 '11 at 15:10
0

Suggest using logstash to slurp the data in from the log file, then you can push it to Graylog2 (and provide a 'stream' to allow users to read the logs). Splunk is nice but pricey.

Rasputnik
  • 196
  • 4