<div dir="ltr">Logstash is great for standardizing log formats, but Kibana, a web UI that works with Logstash (and comes with the combined jar), leaves something left to be desired. I recommend looking at using Logstash to standardize into Graylog Extended Log Format (GELF) then sending the data to a Graylog2 installation.</div>
<div class="gmail_extra"><br clear="all"><div>- Mark Shields</div>
<br><br><div class="gmail_quote">On Fri, Nov 15, 2013 at 11:12 AM, Jim Kinney <span dir="ltr"><<a href="mailto:jim.kinney@gmail.com" target="_blank">jim.kinney@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr"><br><div class="gmail_extra"><br><br><div class="gmail_quote"><div class="im">On Fri, Nov 15, 2013 at 9:57 AM, Jerald Sheets <span dir="ltr"><<a href="mailto:questy@gmail.com" target="_blank">questy@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">+! Logstash<div><br></div><div>Essentially open source splunk. You can use Splunk for free if you're only looking at a small amount of logs.</div>
<div><br></div><div>Honestly, anyone who is looking at Tomcat logs should probably be someone who knows how to use vim and/or knows a very basic amount about java name domains and such.</div>
<div><br></div></div><div class="gmail_extra"><br clear="all"><div>---<br>Jerald M. Sheets jr.<br><br></div><div><div>
<br><br><div class="gmail_quote">On Thu, Nov 14, 2013 at 6:11 PM, Beddingfield, Allen <span dir="ltr"><<a href="mailto:allen@ua.edu" target="_blank">allen@ua.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<font style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">There is something called Logstash that our LDAP admin uses - from what they told me, it is a pain to set up. They are analyzing LDAP and switch logs, and they have it spread across
17 machines. I was not involved in the setup, so I don't know the specifics.</font><br clear="all"></div></blockquote></div></div></div></div></blockquote><div><br></div></div><div>Thanks for the tip to logstash. Look a bit large and possibly unwieldy but then so is the pile of systems I work with. </div>
</div><div class="im"><br>-- <br><div dir="ltr">-- <br>James P. Kinney III<br><i><i><i><i><br></i></i></i></i>Every time you stop a school, you will have to build a jail. What you
gain at one end you lose at the other. It's like feeding a dog on his
own tail. It won't fatten the dog.<br>
- Speech 11/23/1900 Mark Twain<br><i><i><i><i><br><a href="http://heretothereideas.blogspot.com/" target="_blank">http://heretothereideas.blogspot.com/</a><br></i></i></i></i></div>
</div></div></div>
<br>_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
<br></blockquote></div><br></div>