Questions tagged [centralized-logging]

37 questions
0 votes, 1 answer
Central Logging Options - need flat file as well as elastic search

I would like to have ephemeral EC2 instances push logs to a central flat-file store for archiving and manual perusing, as well as have that data pushed to Elasticsearch. Is there a single agent that can tail local log files and both push them to a…

0 votes, 1 answer

Multiple logging managers for different services, or one with multiple databases (graylog)

I am creating a logging infrastructure for a company with 2 unrelated services. Is it better to have: a single graylog instance that routes the logs from the two services to different elasticsearch databases or rather have two separate graylog…
0 votes, 1 answer

Rotate Logs of systemd-journal-remote

I am running Ubuntu 22.02 with systemd-journal-remote version 249.11-0ubuntu3.6. The hard drive was full because log rotation was not set up. To manage the file size of journals I updated my config at…

0 votes, 1 answer

rsyslog: action suspended, next retry is

I'm trying to configure rsyslog to receive logs sent from other devices on port 3100 (my manager chose that port and I will get him to change it to 514 later), and save (append) those logs in local files. So I created /etc/rsyslog.d/remote.conf…
0 votes, 1 answer

Rsyslog server - conditionally forward logs

The idea is to receive the logs on the Rsyslog server and then send them to a specific Kafka server depending on the log contents. For example, logs are being received on a single port, 514. Forwarding received logs to Kafka topic #1 and lines…

asked by Iggy

0 votes, 0 answers

How to differentiate docker containers in stackdriver logging?

I have a VM in GCE with Docker installed. There I run containers using the Google Cloud Logging driver. I can see the logs in Stackdriver logging. However, I can't easily browse between logs of different containers. All the containers' logs get…

0 votes, 1 answer

Is it possible to automatically collect chromebook system logs for SIEM ingestion?

I'm planning to have a subset of end users running Chromebooks and would like to ingest system logs for those devices into a SIEM solution. Is there a way to do this? I see from Google documentation that there's a manual process for retrieving…
asked by Mike B