-2

There is always problem in a group of sysadmins to sync their actions and log them into a central place. Machine based logging is easy, you can point syslog messages to a central logging server and read it after. The problem is that some of the actions are not "sysloggable" like changes in a files, gui actions, etc.

A parallel system to a syslog is needed, something like simple blog, where all actions can be logged by sysadmins, who did what with time and description.

Thanks

Update: VCS and Puppet-like systems are already in use. The point is to correlate the actions and events into one blog-like system.

Update2: It is more about bird-eye view on the overall changes in the systems, related to in-gui changes, file changes, etc

Update3: (I hope this is the final edit) I understand that this can be done in many different ways. I'm trying to avoid "reinventing the wheel" situation here. Some very useful hints were already received about Trello and manual logging of actions using logger.

HopelessN00b
  • 53,795
  • 33
  • 135
  • 209
stimur
  • 894
  • 6
  • 11
  • 3
    Stop administering individual systems. Start using a configuration management system. Use a VCS to track your changes of your the config that is pushed by your configuration management system. – Zoredache Jul 18 '14 at 21:43
  • Puppet + git makes sense – user9517 Jul 18 '14 at 21:44
  • It is obvious, that my question is more about centralized logging of actions. Puppet and VCS are logging changes of multiple systems and that is used already, but changes are done not only inside of the systems, but also in infrastructure, code, virtualization settings, etc. Central place for logging will help to correlate the actions and events. – stimur Jul 18 '14 at 21:50
  • 1
    in the vast majority of environments, the need to adminster individual systems on occasion is unavoidable. – Michael Martinez Jul 18 '14 at 22:47
  • At Stack we have a lot of this stuff point to our internal chat room. We can see when the new puppet configs are built and pushed to prod (or DSC for windows). This creates the timeline, and those messages link to the version control. – Kyle Brandt Jul 19 '14 at 01:13

4 Answers4

4

I'd recommend Trello for this, with all team members subscribed to the board.

You can assign ownership of tasks, the updates are realtime, you can mention members (and get email updates) and there's a nice accounting/logging of task activity. Plus, this is a good visual representation of outstanding tasks. Plus, the checklists are invaluable.

enter image description here

enter image description here

ewwhite
  • 197,159
  • 92
  • 443
  • 809
2

Working in a team of a few hundred sysadmins, DBA's and developers distributed over the world, I find a mailing lists with a good search interface very useful for notifying each other of changes. Add jabber for more instant communication needs and a wiki for documentation and you're good to go.

Dennis Kaarsemaker
  • 19,277
  • 2
  • 44
  • 70
  • Thanks, that is used too, Jira, google docs, etc, but it is not the central place for high level action logs. – stimur Jul 18 '14 at 22:02
1

It depends for a large part on what you want to achieve there and how much you willing to invest with regards to time, money, effort and changing habits.

Do you need a perfect audit trail, where each and every event can be traced back to both a specific administrator AND either an authorised change number or an incident number?

Because that introduces a significant overhead both for your engineering and operations teams, as well as the associated audit team that is required.

HBruijn
  • 77,029
  • 24
  • 135
  • 201
  • I agree about overhead. Certain discipline is also required, All is needed is birds eye view on a changes in the system. with possible deeper dive into details. – stimur Jul 18 '14 at 22:16
0

I think I found the solution, after shooting this question to my friends/sysadmins.

If centralized logging system is in use we can use something like:

logger -t Action "Change description"

and it will be stored on central syslog along with system time and username and can be searchable after.

Sorry for self answering, sometime is better way to find the answer is to start formulating the question :)

stimur
  • 894
  • 6
  • 11