Splunk Universal Forwarder Linux

Splunk log monitoring

For a sysadmin, one of the main tasks is monitoring the logs (records of events) produced by server applications. This becomes a problem when the sysadmin runs several server applications, such as web servers, mail servers and proxy servers, and wants to monitor them in real time, so that when a problem arises it can be traced quickly through the existing logs.

Splunk, in my opinion, is one of the solutions that can make log monitoring easier. Splunk collects all the log data from the monitored servers and then indexes it. The purpose of indexing is to make searching easier, so that the problems occurring in the system can be found quickly.
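To make the Universal Forwarder part of the title concrete, here is an added example (not from the original post) of the two configuration files that would ship the logs of the three server types mentioned above from a Linux host to a Splunk indexer. The indexer host name `splunk-indexer.example.com`, the index names `web`, `mail` and `proxy`, the `squid_access` sourcetype label and the log paths are assumptions; adjust them to match the deployment.

```ini
# $SPLUNK_HOME/etc/system/local/inputs.conf on the Universal Forwarder
# Paths below are assumed Debian defaults for Apache, Postfix/syslog and Squid.

[monitor:///var/log/apache2/access.log]
sourcetype = access_combined
index = web

[monitor:///var/log/mail.log]
sourcetype = syslog
index = mail

[monitor:///var/log/squid/access.log]
sourcetype = squid_access
index = proxy

# $SPLUNK_HOME/etc/system/local/outputs.conf on the Universal Forwarder
# Assumed indexer host; 9997 is the default receiving port on the indexer.

[tcpout]
defaultGroup = primary_indexers

[tcpout:primary_indexers]
server = splunk-indexer.example.com:9997
# Forwarder-to-indexer traffic is not encrypted unless TLS is configured here;
# see sslRootCAPath and sslVerifyServerCert in outputs.conf for that.
```

The same result can be reached with the forwarder CLI (`splunk add forward-server splunk-indexer.example.com:9997` and `splunk add monitor /var/log/apache2/access.log -index web -sourcetype access_combined`), which writes these stanzas for you. Once data is flowing, a search such as `index=web status>=500 earliest=-15m | stats count by host` shows which web server has started returning errors in the last fifteen minutes, which is exactly the real-time tracing the paragraph above asks for.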

I have tried the installation on Debian Linux using the free version, but it is also available for other operating systems: FreeBSD, Solaris and even other Linux distributions. With this free product we can already try monitoring and indexing logs, though it is limited to 500 MB per day. SSO through LDAP is also available, but only in the paid product.

Our hope is that using Splunk will reduce system downtime and let us quickly analyze incidents (reports) from the existing logs, which eases decision making. Cheers.
