I have a need to create a Central log server (web interface), I tried to collect logs using rsyslog, it is very strange works, I tried to put ELK, but for some reason I can't connect other server to send the logs with them.
What programs do you use? Maybe there's a manual there or something, and I was racking my brain, I would be very grateful.
P. S the essence of the task: to collect from 30-40 servers, 15 routers logs on one server and to visualize them by type (ELK, LogAnalizer).
rsyslog works fine. And ELK too. And Graylog. And even syslog-ng is running. Narrow.
nadia answered on April 3rd 20 at 18:45
ELK - or, or cloud (Logz.io, Elastic, AWS).
I tried to put wiped ELK but I was not connected to other servers
please send details, help
paxton.Monahan61 answered on April 3rd 20 at 18:47
That ELK stands are not connected, - it is necessary to look for ways to connect + volume of logs (to send the logs by a few hundred kills in UPD without specific developments is a bad idea). In General, rsyslog local + remote ELK - will solve all your problems.