Questions tagged [centralized-logging]
37 questions
10 votes, 2 answers
What is the equivalent of 'sudo yum install -y awslogs' for apt-get?
According to AWS documentation, this is the command to install the aws-log agent:
sudo yum install -y awslogs
However, since I am using Ubuntu, I have to use apt-get. But the aws-log package is not available.
Is there an equivalent of the aws-log…

Anthony Kong
5 votes, 1 answer
AWS CloudWatch Agent not picking up changes
I'm stumped. I have two log files being watched by the AWS CloudWatch agent. The first one, /var/log/nginx/access.log, works perfectly fine. The second, /var/log/otherserver/access.log, is not having any changes picked up. Not eventually, not ever…

lsh
3 votes, 2 answers
Windows Event Forwarding large scale with multiple domains
Let me start off explaining what I'm trying to do:
We have an RMM tool installed on lots of Windows servers. It is able to send Windows Event Logs to a central store, but not in an efficient or reliable way. I'd like to use the native WEF on Windows…

floppyraid
3 votes, 1 answer
Handling log files across multiple Windows Servers
I have an application that at any time could be running on 1 of 4 Windows servers. Hence, if I am looking for a specific log item, it could be in any of the 4 log files. What I am looking to do is find a solution where I only need to look in one…

frankgreco
2 votes, 0 answers
Skype for Business Centralized Logging Issue
I am trying to use logging to troubleshoot an issue with federation between Skype for Business & Cisco Jabber. Said federation works fine for me but not for a couple of my co-workers. When I start logging using ClsLogger.exe (Start-CsClsLogging)…

smccloud
2 votes, 0 answers
Clean old release files in Sentry
I'm self-hosting Sentry 8 and /var/lib/sentry/files grew to a significant size. I tried launching a script to go through each project's releases via the API, select those older than X days, and remove all files relating to those releases. It seemed…

mpitt
2 votes, 2 answers
syslog direct to AWS CloudWatch?
Is there a way to push POSIX syslog records directly to AWS CloudWatch? I know CloudWatch can be rigged to look at the /var/log/messages files and similar.
But is there a way -- a syslog.conf(5) setting, or an RFC 5424 compatible listener, or some such…

O. Jones
2 votes, 1 answer
Ignoring Healthchecks With Graylog-Collector
I have a log file with a mix of health checks and actual hits in it. I'd like to collect all the logs except the /healthcheck hits. Can graylog-collector handle this for me?
I've read through the documentation here, but I don't see anything relevant…

Jon Buys
2 votes, 0 answers
How can I separate logs with rsyslog from a remote location for devices using the same IP?
I have a number of Yealink SIP phones at different locations that I am trying to centralize log collection for.
I have set up a CentOS server at my main location with rsyslog. I am forwarding all traffic from UDP 514 to this server.
There is no way…

ButteredToastMan
2 votes, 1 answer
Set INFO/ERROR priority for messages logged to journal via stdout and stderr?
We have many production apps (first and third-party) that leave logging up to the process that runs the app and just log to stdout for INFO and stderr for ERROR logs (i.e. only 2 log priorities: INFO|ERROR).
With a systemd service unit for an app this…

mattpr
1 vote, 2 answers
What are some good patterns for cleaning up noisy logging alerts
In addition to traditional logging from applications going into e.g. Elasticsearch, an organisation may have an alerting system "Sentry" that receives log messages/exception events sent by applications over HTTP, and notifies developers of potential…

Will Sheppard
1 vote, 1 answer
Cannot write IIS logs to Azure Files Share
I'd like to configure IIS (8.5) on an Azure VM to log to an Azure Files Share.
I've proved access to the share by remoting onto the VM and persisting credentials using cmdkey and then navigating successfully via the UNC path in Windows…

Mark York
1 vote, 0 answers
Logwatch for multiple log 'root directories' on a central log server?
I have multiple clusters, each with a service machine that also collects all the logs (rsyslog and RELP). I started separating them to /data/logs//* so the messages, maillog and other files are separate for each remote host in its own…

Ira
1 vote, 1 answer
Apache piped logging failing
I am trying to write a simple Apache piped logging directive and I am getting a failure. I just want to grep out 200 response codes for centralizing my log files to ELK. This is the custom log format that I created.
LogFormat "%s %h %l %u %t \"%r\"…

Christopher
1 vote, 0 answers
How do we prevent accidental Graylog denial of service problems without multiple graylog instances?
Our original problem
Last year we had a problem where a rogue piece of software on one server spammed our central Graylog Server with so many messages that it caused problems for other applications.
The main problem was older useful messages from…

Mark Booth