<script type="text/javascript"> slides = { title: 'Centralized Logging', copyright: 'Dr Joe Francom (Utah Tech University)', course: 'IT 1100', }; </script>

IT 3110

Centralized System Logger

Logging

We could have several different services running at this point:

  • apache
  • bind
  • mysql

Each could generate an application specific log file. This could become rather tedious when debugging or troubleshooting. Collecting logs in a centralized location can simplify management and administration.

Logging

  • With syslog-ng you can collect logs from any source, process them in near real-time and deliver them to a wide variety of destinations.
  • Supports many different log files, (can parse files)

Logging

Log rotate

Logs can consume a ton of space. If left unchecked this can cause problems.

  • du /var/log

We can automatically delete logs after a certain amount of time.

Log rotate

The packages that we need are already installed by default.

  • Config file: /etc/logrotate.conf
  • man logrotate
  • Can override settings in /etc/logrotate.d