Differences

This shows you the differences between two versions of the page.

--- redhat:server-monitoring-redhat:start [2018/12/05 14:40] – michael
+++ redhat:server-monitoring-redhat:start [2020/03/05 16:04] – michael
@@ Line 2: / Line 2: @@
-===== Logging Stacks - Infrastructure Logging =====
-  * https://angristan.xyz/monitoring-telegraf-influxdb-grafana/
-  * https://www.blog.labouardy.com/monitor-your-infrastructure-with-tig-stack/
-  * https://gist.github.com/mlabouardy/c4d8effdb31ba75ac63326a8d911a379
 ===== Systemweites Logging aller User Commands  =====
@@ Line 231: / Line 226: @@
+===== Splunk (Elasticsearch)  =====
-----
+==== Installation von Elasticsearch ====
-===== Weiteres =====
+==== Splunkforewarder Setup ====
+... FIXME
+Custom logs sind möglich. Unten ist dokumentiert wie das geht:
+<code>
+### Monitor custom logs with splunkforwarder
+# Create app folder structure
+CUSTOM_APP=/opt/splunkforwarder/etc/apps/sbb_custom_app_logs/local
+mkdir -p $CUSTOM_APP
+# Create inputs.conf and specify your custom logs
+cat << EOF > ${CUSTOM_APP}/inputs.conf
+### Put your custom logfiles here and define sourcetype and index
+### Documentation can be found here: https://docs.splunk.com/Documentation/Splunk/latest/Admin/Inputsconf
+#[monitor:///var/log/yourlog.log]
+#sourcetype=syslog
+#index=sbb_cloudlinux
+#[monitor:///data/log/yourlog.log]
+#sourcetype=syslog
+#index=sbb_cloudlinux
+EOF
+# Restart splunkforwarder
+systemctl restart splunkforwarder
+</code>
+===== Logging Stacks - Infrastructure Logging =====
+  * https://angristan.xyz/monitoring-telegraf-influxdb-grafana/
+  * https://www.blog.labouardy.com/monitor-your-infrastructure-with-tig-stack/
+  * https://gist.github.com/mlabouardy/c4d8effdb31ba75ac63326a8d911a379
+===== Weiteres =====
 Zabbix: http://www.geekpills.com/operating-system/linux/zabbix-installation-of-zabbix-server-on-centos