Linux, Unix, and Windows System Logs

[binkocd]

Hey,

I really want to find a way to get all our logs (Linux, Unix, and Windows) to one server and have a frontend that shows all the issues that each server has. We have phplogcon, but what I have found is that it is Windows oriented. I was hoping to have something like that...interface wise, but any suggestions would be greatly appreciated. Thanks.

[tokenuser]

In a previous life I worked for a company that took all the various logs (including SNMP logs) and used a PHP script to drop the contents a database. This then allowed us to query the database and get a consolidated snapshot of traffic across multiple servers on the same timeline if necessary.

Once its in a database, your options open right up - from generating web pages of system metrics in real time (OK, data was delayed, but the pages were dynamic, not static based on your queries), to doing reporting using tools as simple as Excel (yes, Excel and pivot tables - you might laugh but its a tool that even non-tech management types can understand, and it eliminated the need for writing custom reports on the whim of the managers).

The tools for doing this are pretty straight forward, using PERL (people forget that the RL in PERL stands for Report(ing) Language - and it does it extremely well), PHP, Python, or any other favourite means of parsing a file into tokenised output (I'd go C or Java ... but thats just my bias).

[xcorvis]

Splunk. http://www.splunk.com/
If your logs are small enough, their free version might work for you.

You could also look at rsyslog and syslog-ng, but you'll have to use other tools to get Windows to talk to the log aggregator.

More info here: http://www.syslog.org/

http://www.zenoss.com/


One of many linux options:
http://www.fogonacaixadagua.com.br/2...i-for-queries/