Loggly Log Monitoring
-
Just to make this more interesting for people looking at the data: mi-lnx-dev is a software development server so is loaded with the latest stuff and runs on the latest Fedora build, mi-lnx-jump is our production UNIX jump station, ws-to-lnx-crm is a production CRM, iad-lnx-mangodb is exactly what it sounds like - the system you are reading this on and lastly, to-lnx-web is a production web server. So four production hosts and a development environment topping the list of systems in log production.
The mi prefix means it is a host in our Mississauga datacenter and to means that it is in Toronto and iad means that it is in Virginia (that is an airport code.)
-
If we go from that dashboard and delve into the logs of a single server (iad-lnx-mangodb, in this case) we can see real log entries and a chart of the traffic for this one single machine. This is where you would go for real troubleshooting.
-
Very nice. How much do you get for free? What makes you move to a paid account?
-
@StrongBad It is based on log volume. You can send up to 200MB per day on the free tier. If you need more than 200MB, you have to pay. Also if you need longer retention periods, that isn't available with free. And alerting is paid only.
-
I don't think you can give me credit for implementation. I tried and found my Unix skills were not up to snuff. When that happens, you tag @scottalanmiller.
-
What kind of logs will this accept? Is there an agent on the servers?
-
Pretty much anything. You can use an agent (easy) or configure logs to send directly to them (hard.) Setting it up for Linux or Windows system logs is dead simple. They have guides to how to use just about anything. If you have internal log collection like FluentD or LogStash then you can route to that and have that send to Loggly.
You can add Loggly logging to your own applications or you can have apps like Apache or Nginx send directly.
Loggly will also monitor files, so you can easily ad hoc monitor anything that creates a text file.
-
Here are the main log sources that they currently handle beyond Windows and Linux system logs...
-
-
-
-
So quite a few options.
