Log2Ram and frontail

Charly's Column – Log2Ram and frontail

Article from Issue 226/2019
Author(s):

If you run 25 Raspberry Pis at home, and an equal number of other IP devices, you might also think like Charly does when it comes to log management. The result is atomic technology and a logfile disk that is not permanently overloaded.

From time to time, I use nmap -sP 10.0.0.1-254 to check how many IP devices are online in my home network. There are now more than 50, half of them Raspberry Pis. The need for a central syslog server is slowly growing. An old miniature PC with an Intel Atom, which I retrofitted with an SSD, is the designated candidate for this permanent task. The syslog server comes courtesy of the standard rsyslogd. In its configuration file (/etc/rsyslog.conf), the following lines ensure that the server can receive syslog data from other hosts via UDP and TCP:

$ModLoad imudp
$UDPServerRun 514
$ModLoad imtcp
$InputTCPServerRun 514

On the other machines, I added an entry of *.* @10.0.0.254 to rsyslog.conf so that they all send their log data to the server on 10.0.0.254.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column: lsof

    The shorter a command, the longer the list of support parameters. This rule applies to lsof, one of Charly’s favorite commands.

    more »
  • Charly's Column

    Using SQL to sift syslog data out of a database is an admittedly universal, but also fairly convoluted approach. phpLogCon, with its web interface, gives admins an easier option.

    more »
  • Charly's Column – Keepalived

    Columnist Charly likes to keep system-critical daemons on two or more servers. If one of the servers fails, the idea is that the service can be started on the other and will be available at the same IP address – a scenario that works with or without the Pacemaker heartbeat.

    more »
  • Charly's Column

    Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

    more »
  • Charly's Column

    Well-used services write reams of log information to disk, which is not only bothersome from a storage perspective but also pushes grep and the usual group of statistics tools to their limits. Will hitching the syslog daemon up to a database help?

    more »
comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News

Tag Cloud

Administration Community Events Hardware Linux Linux Pro Magazine Mobile Programming Security Software Ubuntu Web Development Windows free software open source