Showing posts from July, 2011

Fancy logging

Had some fun yesterday setting up a central syslog server, and getting 3 RHEL boxes to send to it. Various third parties will have «root» on those three boxes, and security is a big thing with this install so... It Seemed Appropriate. I've got logwatch on the three, but would like to set up Splunk (free) on this monitoring box. Looks pretty flash, so it might be a bit more to the liking of the suits. As much as possible I'd like to send router, SAN and ESXi logs to it too, so there should be lots of data to mine. I'm woefully ignorant on SNMP, but have set a custom community string on various boxes and pointed them to the monitoring machine. Nothing there is listening tho, so I need to do some more research...