As a newcomer to the world of logging, I think a "definitive" guide
would be very beneficial. There is one available for Windows. Google
"Windows Logging Cheat Sheet v1.1.pdf" to see what type of information
that has.
I started looking at logging infrastructure as a project for work; I
didn't know where I would end up or even where to begin for that matter.
What I found was there are so many options available that it is a little
overwhelming when getting started. From my point of view, I was looking
for the Holy Grail in a "logging central" type of way (a one stop shop
if you will) but what I found was several different projects, with
several different ways of plugging everything together. Information
about what app fits what role is good information. It took me a couple
of weeks to find enough information on what was what to start building
POC environments.
I decided with the trouble I had finding a definitive solution that I
was going to detail my build process. While there is a lot of
documentation out there, most of it is incomplete (not throwing stones
here; documentation is hard) or done poorly. Even on the project sites
there is missing information and at times, a Google search or thirteen
is needed to solve what I thought should be a common problem with an
easy solution.
Documentation should take one all the way through a process start to
finish (as much as possible). With that said, I put my documentation on
setting up a complete logging stack from start to finish out there in
hopes that it might be helpful to someone else. So far, it is ten parts
and growing (overkill ...maybe). http://alias454.com/category/logging/.
Please feel free to critique it. I do plan to post links (not here) to
pages I found worthwhile when doing my research. So far, there are
around 75 different sites that I used to get acclimated.
I also plan to document the things I come across as far as connecting
endpoints, posting examples of how to connect x device and whatnot. I
have visions of a syslog connection library if you will.
Regards,
Brandon
On 01/30/2015 01:25 PM, Jason Skowronski wrote:
Hey I'm writing a guide to help new users learn best practices for rsyslog
and Linux system logging. We're collecting suggestions on which topics to
cover.
I spoke to Rainer and he suggested we cover multiline events, parsing log
files, and tips on what should be logged locally on disk versus sent out to
to an aggregator. For system log examples, we'll probably show too many
login failures, kernel faults, cron job errors, etc.
What kinds of things do you commonly look for in system logs? Things that
are tricky to understand? Things you learned the hard way and wish you knew
at the beginning?
Thanks,
Jason Skowronski
Product Manager, Loggly
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.