Loading ...
Sorry, an error occurred while loading the content.

19361Re: [ttlug] Its alive.

Expand Messages
  • Falina Baksh
    Jun 5 12:46 PM
    • 0 Attachment
      Spunk is actually sounding quite decent for log analysis.

      Currently I have my Cisco devices reporting to a syslog server and I was considering writing some reporting scripts for email alerts, however if i can have something to do this out if box that would be more sustainable in my absence.

      The syslog server would eventually be responsible for logging from all of the servers in the infrastructure.

      All of the existing servers that I met here are windows based, I only brought up a second Linux server this week so it will be a high learning curve for the other staff.

      My backup plan if I fail to find an existing "wheel" for easy administration is to write a php frontend along the lines of webmin for easy configuration of any scripts and config files that need to work with, not really looking forward to that though.

      I really hate implementing things that don't get used or fall off the wagon once I step away from a project, I'm trying to avoid that as much as possible.

      Sent from my iPhone

      On Jun 5, 2013, at 3:12 PM, Stephen Sankarsingh <stephentnt@...> wrote:

      > Cacti is easier to configure than MRTG, though I still wouldn't consider it
      > n00b friendly. It's rock solid though and I had a server running it for
      > many years without any issues. The main thing it's missing is alerts, I
      > have a feeling that integrated with Zabbix you wouldn't have that problem.
      > If you're familiar with Nagios and are looking for cacti-like functionality
      > then Zabbix is looking good. If you're looking for management friendly
      > reports then Splunk does that. I have never had to draw graphs or pie
      > charts etc with Splunk but I know the functionality is there. With the
      > commercial version you can define roles and allow only certain people to
      > view, create or edit searches/reports/alerts etc. With the free version any
      > reports/searches/alerts you create will be viewable and editable etc by
      > anyone who has access to Splunk's interface.
      >
      > Splunk is like google for text files, you can create searches that look for
      > key words or even entire transactions and make alerts/reports out of those.
      > It's agnostic too and doesn't really care where the log comes from. You can
      > "teach" it to understand new log formats so that it understands the logs in
      > your custom application whereas most others can only understand logs
      > created by a known application such as syslog or secure or messages or
      > eventlog etc.
      >
      > A lot of the stuff Splunk does you can probably do with some combination of
      > awk, grep and sed but your n00bs wouldn't know how to do that right? If you
      > had to teach a new person about all the scripts you wrote to do what Splunk
      > does in a search bar you would be wasting a lot of time and effort. If you
      > had to go back and make changes to your scripts so that it does something
      > slightly different you would also be wasting time.
      >
      > Splunk is sexy. If I wore panties, I would throw them at Splunk!
      >
      >
      >
      >
      > On Wed, Jun 5, 2013 at 2:38 PM, Falina Baksh <bakshfalina@...> wrote:
      >
      >> **
      >>
      >>
      >> I used nagios in the past for host and service monitoring and it works
      >> quite well, but I would like to setup something that's easy for anti-cli
      >> n00b co-workers to configure and add devices to use when I'm not around and
      >> not have to hear the "I don't really know how to use that / it's not
      >> working" excuses and a little less hair pulling for extracting reports in a
      >> management friendly format.
      >>
      >> Mrtg worked perfectly as well for bandwidth graphing but again
      >> configuration isn't n00b friendly.
      >>
      >> Ideally I'm looking for something that could be easily administered, cacti
      >> is looking good but I've been hearing a lot about zabbix as well.
      >>
      >> Thanks,
      >>
      >> Falina
      >>
      >> Sent from my iPhone
      >>
      >> On Jun 5, 2013, at 11:32 AM, Stephen Sankarsingh <stephentnt@...>
      >> wrote:
      >>
      >>> What kind of monitoring?
      >>>
      >>> You have Nagios for services, people tend to like it but I don't. Splunk
      >>> for any type of text log file and Cacti for bandwidth. Splunk is best of
      >>> class imo, and they have a free version if you don't mind not being able
      >> to
      >>> set a password and being limited to 500MB uncompressed data. Splunk is so
      >>> awesome that it makes logging/alerting fun. You can create your own
      >> custom
      >>> logs out of the real logs with a script then feed that into Splunk so
      >> that
      >>> you stay within the 500MB limit. I have over 40 devices sending logs in
      >> one
      >>> form or another to Splunk on a server which is under specced for the role
      >>> and am not close to the 500MB/day limit. If someone logs into my
      >> firewall,
      >>> or one of my databases experiences an error level event or a new file
      >>> appears on my sftp server or a file system somewhere is above a
      >> particular
      >>> threshold I will know in under 2 minutes. Splunk makes logging and
      >> alerting
      >>> proactive instead of reactive. All sysadmins should be using it.
      >>>
      >>>
      >>> On Wed, Jun 5, 2013 at 11:13 AM, Falina Baksh <bakshfalina@...>
      >> wrote:
      >>>
      >>>> **
      >>
      >>>>
      >>>>
      >>>> Fabric sounds interesting, will check it out.
      >>>>
      >>>> What do you guys favor for monitoring?
      >>>>
      >>>> I'm feeling like stepping away from nagios and trying some of the other
      >>>> tools e.g zabbix claims to do give you nagios+mrtg in one package.
      >>>>
      >>>> Rgds,
      >>>> Falina
      >>>>
      >>>> Sent from my iPhone
      >>>>
      >>>> On Jun 4, 2013, at 12:29 PM, Stephen Sankarsingh <stephentnt@...>
      >>>> wrote:
      >>>>
      >>>>> Sucks when all you guys talk about is Linux desktops and the desktop
      >>>> sucks
      >>>>> so hard. Any interesting applications? Recently, I've been using
      >>>> something
      >>>>> called Fabric. Fabric + ssh-keys allows you to run commands on remote
      >>>>> servers from your local machine. I've used it to start consolidating my
      >>>>> sysadmin and (sql) reporting scripts. This way all my scripts and crons
      >>>> are
      >>>>> on a single server instead of spread out across 2-3 dozen servers.
      >> Makes
      >>>>> for some kickass automation options leaving you with more time to do
      >>>>> nothing :)
      >>>>>
      >>>>> Doing nothing should be every sysadmin's goal.
      >>>>>
      >>>>> /Stephen
      >>>>>
      >>>>> On Tue, Jun 4, 2013 at 12:19 PM, Lawrence, Rellon
      >>>>> <rellonlawrence@...>wrote:
      >>>>>
      >>>>>> Mint might not be the best now.
      >>>>>> Ubuntu has only 8MTS life except for LTS and mint has no upgrade path.
      >>>>>> Fresh system every 8 mts
      >>>>>>
      >>>>>> On Tuesday, June 4, 2013, Richard Jobity wrote:
      >>>>>>
      >>>>>>> **
      >>>>>>>
      >>>>>>>
      >>>>>>> MINT!
      >>>>>>>
      >>>>>>> MINT~!
      >>>>>>>
      >>>>>>> -----Original Message-----
      >>>>>>> From: TTLUG@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>> 'TTLUG%40yahoogroups.com');> [mailto:TTLUG@yahoogroups.com
      >>>> <javascript:_e({},
      >>>>>> 'cvml', 'TTLUG%40yahoogroups.com');>]
      >>>>>>> On Behalf Of Wendell Clarke
      >>>>>>> Sent: Tuesday, 04 June 2013 09:08 AM
      >>>>>>> To: TTLUG@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>> 'TTLUG%40yahoogroups.com');>
      >>>>>>> Subject: Re: [ttlug] Its alive.
      >>>>>>>
      >>>>>>> I updating with every chance I get. Still stuck with one problem and
      >>>>>>> hoping an update fixes it soon.
      >>>>>>> On Jun 4, 2013 8:58 AM, "browwwsers1996" <allan@...
      >>>> <javascript:_e({},
      >>>>>> 'cvml', 'allan%40browwwsers.com');>>
      >>>>>>> wrote:
      >>>>>>>
      >>>>>>>> **
      >>>>>>>>
      >>>>>>>>
      >>>>>>>> Hello all,
      >>>>>>>>
      >>>>>>>> Have not been here for a while.
      >>>>>>>>
      >>>>>>>> Hope you are all busy updating 13.04 like I am.
      >>>>>>>>
      >>>>>>>> Allan
      >>>>>>>>
      >>>>>>>>
      >>>>>>>>
      >>>>>>>
      >>>>>>> [Non-text portions of this message have been removed]
      >>>>>>>
      >>>>>>> ------------------------------------
      >>>>>>>
      >>>>>>> Help build TTLUG by forwarding this to anyone who is interested in
      >>>> the
      >>>>>>> subject matter or would otherwise benefit from joining the mailing
      >>>> list.
      >>>>>>>
      >>>>>>> Trinidad and Tobago Linux Users Group
      >>>>>> http://groups.yahoo.com/group/ttlug
      >>>>>>> To subscribe, send an email to_______
      >>>> TTLUG-subscribe@yahoogroups.com<javascript:_e({},
      >>>>>> 'cvml', 'TTLUG-subscribe%40yahoogroups.com');>To unsubscribe, send an
      >>>>>> email to_____
      >>>>>>> TTLUG-unsubscribe@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>> 'TTLUG-unsubscribe%40yahoogroups.com');> List owner/moderator
      >>>> Richard
      >>>>>>> Jobity__ TTLUG-owner@yahoogroups.com <javascript:_e({}, 'cvml',
      >>>>>>> 'TTLUG-owner%40yahoogroups.com');> Yahoo! Groups Links
      >>>>>>>
      >>>>>>>
      >>>>>>>
      >>>>>>
      >>>>>>
      >>>>>> [Non-text portions of this message have been removed]
      >>>>>>
      >>>>>>
      >>>>>>
      >>>>>> ------------------------------------
      >>>>>>
      >>>>>> Help build TTLUG by forwarding this to anyone who is interested in the
      >>>>>> subject matter or would otherwise benefit from joining the mailing
      >>>> list.
      >>>>>>
      >>>>>> Trinidad and Tobago Linux Users Group
      >>>> http://groups.yahoo.com/group/ttlug
      >>>>>> To subscribe, send an email to_______ TTLUG-subscribe@yahoogroups.com
      >>>>>> To unsubscribe, send an email to_____
      >>>> TTLUG-unsubscribe@yahoogroups.com
      >>>>>> List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      >>>>>> Yahoo! Groups Links
      >>>>>>
      >>>>>>
      >>>>>>
      >>>>>>
      >>>>>
      >>>>> [Non-text portions of this message have been removed]
      >>>>>
      >>>>>
      >>>>
      >>>> [Non-text portions of this message have been removed]
      >>>>
      >>>>
      >>>>
      >>>
      >>>
      >>> [Non-text portions of this message have been removed]
      >>>
      >>>
      >>>
      >>> ------------------------------------
      >>>
      >>> Help build TTLUG by forwarding this to anyone who is interested in the
      >>> subject matter or would otherwise benefit from joining the mailing list.
      >>>
      >>> Trinidad and Tobago Linux Users Group
      >> http://groups.yahoo.com/group/ttlug
      >>> To subscribe, send an email to_______ TTLUG-subscribe@yahoogroups.com
      >>> To unsubscribe, send an email to_____ TTLUG-unsubscribe@yahoogroups.com
      >>> List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      >>> Yahoo! Groups Links
      >>>
      >>>
      >>>
      >>
      >>
      >>
      >
      >
      > [Non-text portions of this message have been removed]
      >
      >
      >
      > ------------------------------------
      >
      > Help build TTLUG by forwarding this to anyone who is interested in the
      > subject matter or would otherwise benefit from joining the mailing list.
      >
      > Trinidad and Tobago Linux Users Group http://groups.yahoo.com/group/ttlug
      > To subscribe, send an email to_______ TTLUG-subscribe@yahoogroups.com
      > To unsubscribe, send an email to_____ TTLUG-unsubscribe@yahoogroups.com
      > List owner/moderator Richard Jobity__ TTLUG-owner@yahoogroups.com
      > Yahoo! Groups Links
      >
      >
      >
    • Show all 20 messages in this topic