LogAnalysis Tool




For my semester project I am searching for a LogAnalysis Tool for Linux platforms.
The tool should offer the following functionalities:
- support Ubuntu/Debian/CentOS
- analyse as many system logs as possible
- deployable for >100 servers
- central administration on one host (preferable with web-interface)
- notification on irregularity. The customer wishes one report per day which shows if everything is OK, or it should contain the issues.
The customer already runs Nagios for live monitoring, so Nagios plugins would also be possible.

I have already found some possibly suitable tools, but maybe you can give me some additional input and field reports.


Try to use rsyslog or dsyslog with the loganalyzer tool.
Have a look at

Scribe is used by Facebook, so it will scale. They open sourced it a while back.

Or there's logstash: http://logstash.net/

Given the number of servers you're talking about, you might want a paid-for system. Splunk is a market leader, and is pretty awesome for correlating faults across multiple servers, apps and domains. We use this in my company, but cheap it ain't!

Also this newcomer from centeractive looks interesting:

I was going to try it out last year, but at the time it had no support for SSH keys, and with 100s of servers it would have been impractical to manage. Now, however, it has that, and more.

