Central Loghost Mini-HOWTO

This page is simply a collection of open source tools you can use to glue together your own centralized (syslog) loghost. Included are example configuration settings so that you can configure your loghost in a manner similar to mine. There is very little that you need to read and understand in order to use these tools. Also, these tools are widely used and therefore easy to get help with on internet mailing lists.

I established a centralized location for syslog collection in order to facilitate:

- Log reporting
  - real time alerting
  - periodic (several times per day) summary reporting
- Log storage
  - long term archival for possible later analysis

Tools used:

- UNIX hosts (Linux and Solaris)
- Modified logcheck script(s)
- Syslog-NG
- Swatch (though I'm slowly moving to SEC, this page will be updated once I've completely switched)
- Splunk for a GUI interface
- Stunnel

Splunk is a popular Linux web application that gives IT administrators a bird's-eye view of their log files, or more appropriately, a bee's-eye view. Not only will it index and chart log file events in a beautifully rendered web format, but it also allows a