SYSTEM ADMINISTRATION: Splunk
Ben Rockwood has a series of posts on splunking your logfiles. They cover all sorts of logs; please go and read Ben's posts. Splunk is to logs what Google is to search.
Post 1 is on Splunk itself
To put it simply, Splunk sucks up every type of log you care to feed it, indexes them, and then makes them easily searchable via a nifty AJAX-enabled web interface. The most common usage would be to aggregate a centralized syslog server, but you can feed it all sorts of logs including Apache, Microsoft IIS, JBoss, Windows Event Logs, Sendmail/Postfix/Qmail, OpenLDAP, Active Directory, etc, etc, etc
(Ben's quote with minor spelling corrections)
His summary post has nice pictures on what is possible with Splunk, and brief install instructions.
From his last link to Joe Reeves' website, here is some information on how to centralize your Windows boxen logging...
Basically, you use freeware SNARE Agents to send your Application, Security, Systems, and IIS logs to a remote syslog server which is on a Linux/BSD/Solaris box. Splunk can then grab and analyze the data from your Windows boxes.
Joe Reeves Splunk FAQ
SNARE: Agent for Windows
SNARE Apache
SNARE IIS
And finally, don't forget to visit and download your copy of Splunk.
