LogAnalysis Tool

Discussion in 'Server Security' started by Jaude, Oct 17, 2012.

  1. Jaude

    Jaude New Member

    Hello


    For my semester project I am searching for a LogAnalysis Tool for Linux platforms.
    The tool should offer the following functionalities:
    - support Ubuntu/Debian/CentOS
    - analyse as many system logs as possible
    - deployable for >100 servers
    - central administration on one host (preferably with a web interface)
    - notification on irregularity. The customer wishes one report per day which shows if everything is OK, or it should contain the issues.
    The customer already runs Nagios for live monitoring, so Nagios plugins would also be possible.

    I have already found some possibly suitable tools, but maybe you can give me some additional input and field reports.

    Thanks
  2. sahabcse

    sahabcse New Member

    Try to use rsyslog or dsyslog with the loganalyzer tool.
  3. hackinjack

    hackinjack New Member

    Have a look at

    http://sourceforge.net/apps/mediawiki/scribeserver/index.php?title=Main_Page
    Scribe is used by Facebook, so it will scale. They open sourced it a while back.

    Or there's logstash: http://logstash.net/

    Given the number of servers you're talking about, you might want a paid-for system. Splunk is a market leader, and is pretty awesome for correlating faults across multiple servers, apps and domains. We use this in my company, but cheap it ain't!

    Also this newcomer from centeractive looks interesting:
    http://www.retrospective.centeractive.com/

    I was going to try it out last year, but at the time it had no support for ssh keys and with 100s of servers it would have been impractical to manage. Now however it has that, and more.
