On Sat, May 23, 2015 at 10:41:41AM -0400, Predrag Punosevac wrote:
> Hi Misc,
>
> I have been running a syslog-ng centralized syslog server on OpenBSD for
> about six months now. I have also started looking into more
> sophisticated ways to search, analyze, and visualize log data. Currently
> I use a combination of regular expressions and sed/awk.

syslog-ng needs an update to use syslog-ng-incubator (plugins; for example to send directly from syslog-ng to elasticsearch). I'm busy but I tried to update it:

https://github.com/jirib/openbsd-mystuff/tree/master/sysutils/syslog-ng

Latest diff was merged recently.

> Browsing our ports collection I learnt about Logstash, Elasticsearch and
> I found out about Kibana too even though it is not in the ports. Those
> three usually go under the name of ELK.

IMO it would be nice to have separate kibana without logstash.

> 5. Finally I am open for simpler ideas. Any opinions on sysutils/logfmon
> Is it possible to visualize on the web output from logfmon?

elasticsearch has a syslog plugin which acts as a syslog server, so you could send directly to elasticsearch from base syslogd ;)

elasticsearch needs more testing, imo plugins dir should maybe be moved to /var/elasticsearch. I'm quite busy now.

j.

