{"id":11434,"date":"2008-11-25T03:39:28","date_gmt":"2008-11-25T00:39:28","guid":{"rendered":"https:\/\/mamchenkov.net\/wordpress\/?p=11434"},"modified":"2008-11-25T03:39:28","modified_gmt":"2008-11-25T00:39:28","slug":"on-remote-logging-with-syslog","status":"publish","type":"post","link":"https:\/\/mamchenkov.net\/wordpress\/2008\/11\/25\/on-remote-logging-with-syslog\/","title":{"rendered":"On remote logging with syslog"},"content":{"rendered":"<!-- google_ad_section_start -->\n<p>We&#8217;ve been doing some interesting things at work, as always, with yet more people and Linux boxes.\u00a0 And one of the side effects of mixing people, Linux boxes, and several locations is this need for some sort of centralized logging.\u00a0 Luckily we have either <a href=\"http:\/\/www.balabit.com\/network-security\/syslog-ng\/\">syslog-ng<\/a> or <a href=\"http:\/\/www.rsyslog.com\/\">rsyslog<\/a> daemons installed on each machine, so the only two issues seemed to be reconfiguration of syslog services for remote logging and setup of some log reading\/searching tool for everyone to enjoy.<\/p>\n<p>As for log reading and searching, there seems to be no end of tools.\u00a0 We picked <a href=\"http:\/\/code.google.com\/p\/php-syslog-ng\/\">php-syslog-ng<\/a>, which has a web interface, a MySQL back-end, access control, and more.\u00a0 There were a few minor issues during setup and configuration, but overall it seemed to be OK.\u00a0 I also patched the source code a bit in a few places, just to make it work nicer with our setup and our needs\u00a0 (both numerical and symbolic priorities, preference for include masks over excludes, and full functionality with disabled caching).\u00a0 In case you are interested, here is <a href=\"https:\/\/mamchenkov.net\/wordpress\/wp-content\/uploads\/2008\/11\/php-syslog-ng298fdiff.gz\">a patch against the php-syslog-ng 2.9.8f tarball<\/a>.<\/p>\n<p>Once everything was up and running and we started looking through logs from all our hosts in the same place, 
there was one thing that surprised me a lot.\u00a0 Either I don&#8217;t understand the syslog facilities and priorities fully (and I don&#8217;t claim that I do), or there are just too many software authors who don&#8217;t care much.\u00a0 Most of our logs are coming in at priority critical.\u00a0 Even if there isn&#8217;t much critical about them.\u00a0 Emergency is also used way too much.\u00a0 And there is hardly anything at debug or info or notice levels.\u00a0 (RT, SpamAssassin, and many other applications seem to be using critical as their default log level).\u00a0 Luckily, that\u00a0 almost always is trivial to fix using either the configuration files or applications&#8217; source code directly.<\/p>\n<!-- google_ad_section_end -->\n","protected":false},"excerpt":{"rendered":"<!-- google_ad_section_start -->\n<p>We&#8217;ve been doing some interesting things at work, as always, with yet more people and Linux boxes.\u00a0 And one of the side effects of mixing people, Linux boxes, and several locations is this need for some sort of centralized logging.\u00a0 Luckily we have either syslog-ng or rsyslog daemons installed on each machine, so the only two &hellip; <a href=\"https:\/\/mamchenkov.net\/wordpress\/2008\/11\/25\/on-remote-logging-with-syslog\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">On remote logging with syslog<\/span><\/a><\/p>\n<!-- google_ad_section_end 
-->\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"_links_to":"","_links_to_target":""},"categories":[1,18,133,62],"tags":[1649,127,1650,19],"keyring_services":[],"class_list":["post-11434","post","type-post","status-publish","format-standard","hentry","category-general","category-programming","category-sysadmin","category-technology","tag-logs","tag-monitoring","tag-syslog","tag-tools"],"aioseo_notices":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/11434","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/comments?post=11434"}],"version-history":[{"count":0,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/posts\/11434\/revisions"}],"wp:attachment":[{"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/media?parent=11434"}],"wp:term":[{"taxonomy"
:"category","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/categories?post=11434"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/tags?post=11434"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/mamchenkov.net\/wordpress\/wp-json\/wp\/v2\/keyring_services?post=11434"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}