5

I have two Linux servers. I'm an administrator, and part of my daily routine is to check all the logs for errors or strange messages. So, every morning I check:

On server #1:

/var/log/syslog
/var/www/example.com/error.log
/var/log/redis.log
...and so on

On server #2:

/var/log/syslog
/var/lib/mysql_error.log
/var/lib/mysql_slow.log

Opening each file through the terminal is very boring and unproductive. Is there some tool that can collect logs from all servers and display them in one place?

Temnovit

2 Answers

5

One solution that's really popular these days is Logstash.

Open source, and scalable.

Not Now
This. And make sure to use [Kibana](http://kibana.org/) as the web frontend instead of the one included with Logstash. (Kibana is likely to become the official frontend in the not-too-distant future.) – jgoldschrafe Feb 10 '13 at 21:18

2

There is the quite simple logcheck that sends you emails and allows filtering good stuff by your own regex rules.

OSSEC also has a quite good log monitoring tool.

LogAnalyzer looks like a nice GUI and appears to be connected somehow to rsyslog.

Edit: Logstash looks really great. Did not know about it.

There are probably other tools such as Scribe from Facebook or log.io for more sophisticated and different purposes.

I think just spending a few minutes googling for log monitoring should give you a rather long list of solutions.

But it's hard to decide what fits your needs and what does not. It's also not always very straightforward to come up with a configuration that does not spam you with unimportant stuff and is also reliable if something goes wrong. I found logcheck to be too verbose by default and OSSEC quite nice.

kei1aeh5quahQu4U
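
A sketch of the regex filtering approach mentioned in the second answer: drop lines that match known-good patterns, always flag known-bad ones, and report whatever is left. This is an added example, not part of the original posts and not logcheck's own code; the rule patterns, host names and log lines are constructed for illustration.

```python
import re

# Constructed rule sets (assumptions, not rules shipped by any tool).
# IGNORE drops known-good noise; ALERT is checked first so that an
# overly broad ignore rule can never hide a known-bad line.
IGNORE = [
    r"^\w{3} [ :0-9]{11} \S+ CRON\[\d+\]: \(\w+\) CMD \(.*\)$",
    r"^\w{3} [ :0-9]{11} \S+ sshd\[\d+\]: Accepted publickey for \w+ from \S+ port \d+",
    r"^\w{3} [ :0-9]{11} \S+ systemd\[\d+\]: Started .*$",
]
ALERT = [
    r"sshd\[\d+\]: Failed password for (invalid user )?\S+ from \S+",
    r"kernel: .*Out of memory",
]

# Constructed sample input: (host, syslog line) pairs from two servers.
SAMPLE = [
    ("server1", "Feb 10 06:25:01 server1 CRON[2101]: (root) CMD (run-parts /etc/cron.daily)"),
    ("server1", "Feb 10 06:31:12 server1 sshd[2240]: Accepted publickey for deploy from 192.0.2.10 port 50422 ssh2"),
    ("server1", "Feb 10 06:40:03 server1 sshd[2291]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2"),
    ("server2", "Feb 10 07:02:44 server2 mysqld[911]: [ERROR] Disk is full writing './binlog.000042'"),
    ("server2", "Feb 10 07:05:00 server2 systemd[1]: Started Daily apt download activities."),
    ("server2", "Feb 10 07:10:09 server2 kernel: Out of memory: Killed process 911 (mysqld)"),
]


def triage(lines, ignore=IGNORE, alert=ALERT):
    """Split (host, line) pairs into 'alert' and 'unknown'; ignored lines are dropped."""
    ignore_re = [re.compile(p) for p in ignore]
    alert_re = [re.compile(p) for p in alert]
    report = {"alert": [], "unknown": []}
    for host, line in lines:
        if any(r.search(line) for r in alert_re):
            report["alert"].append((host, line))
        elif not any(r.search(line) for r in ignore_re):
            # Not known-bad and not known-good: a human should look at it.
            report["unknown"].append((host, line))
    return report


if __name__ == "__main__":
    for level, entries in triage(SAMPLE).items():
        for host, line in entries:
            print(f"[{level}] {host}: {line}")
```

Anything that lands in `unknown` is either a new ignore rule waiting to be written or a real problem, which is how the morning report gets shorter over time without hiding new messages.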