Re: which monitoring do you use (on OpenBSD)

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: bofh

Subject: Re: which monitoring do you use (on OpenBSD)

Date: Saturday, August 14, 2010 - 2:28 pm

Friends who are using splunk strictly as a logger liked it.  We had
hell of a lot of pain implementing 4.0.  They don't understand the
concept of dropping privs, so it has to run as root.  My company does
not allow the non-os team to have root.  So endless fucking around
with permissions and "hey unix team, can you please do this so that we
can continue troubleshooting".

And to top that, 4.0 through about 4.09 were feature *and* bug rich.

They have agents which have to be installed and upgraded manually each
time.  Few hundred servers and that starts to get a bit old.

And sux on aix (ok, that's our fault - the asshole who bought it
bought a p520 instead of a x86 box.  Before a solution/product was
even finalized).

And some kind of buffer overflow issue which I think is fixed now.

So, if you're looking for something to sit on 512 and other assorted
ports to receive logs, and index them, and give you a pretty interface
to do searches on non-normalized data on linux, splunk's pretty nice.

If you need to use some of their "additional" features (agents, etc)
test it out first before doing it.  Fortunately, you can get an annual
500meg/day license for free by just asking.

On 8/14/10, Toni Mueller <openbsd-misc@oeko.net> wrote:
quoted text> On Fri, 13.08.2010 at 14:36:21 +0100, Kevin Chadwick <ma1l1ists@yahoo.co.uk>
> wrote:
>> What do people think of monit.
>
> Ok, I'll chime in: What do people think of Zenoss and splunk?
>
> I'm so far leaning twoards trying Zenoss, but it surely has a high
> barrier-of-entry, and I'm only interested in splunk for comparison.
>
>
> Kind regards,
> --Toni++
>
>

-- 
Sent from my mobile device

http://www.glumbert.com/media/shift
http://www.youtube.com/watch?v=tGvHNNOLnCk
"This officer's men seem to follow him merely out of idle curiosity."
-- Sandhurst officer cadet evaluation.
"Securing an environment of Windows platforms from abuse - external or
internal - is akin to trying to install sprinklers in a fireworks
factory where smoking on the job is permitted."  -- Gene Spafford
learn french:  http://www.youtube.com/watch?v=30v_g83VHK4

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: which monitoring do you use (on OpenBSD), Robert, (Mon Aug 9, 4:05 pm)

which monitoring do you use (on OpenBSD), Jiri B., (Mon Aug 9, 4:28 pm)

Re: which monitoring do you use (on OpenBSD), Eugene Yunak, (Tue Aug 10, 6:00 am)

Re: which monitoring do you use (on OpenBSD), Iñigo Ortiz de Urbina, (Tue Aug 10, 6:33 am)

Re: which monitoring do you use (on OpenBSD), Henning Brauer, (Tue Aug 10, 9:40 am)

Re: which monitoring do you use (on OpenBSD), Martin Schröder, (Tue Aug 10, 10:00 am)

Re: which monitoring do you use (on OpenBSD), C. Bensend, (Tue Aug 10, 10:41 am)

Re: which monitoring do you use (on OpenBSD), Jason Dixon, (Tue Aug 10, 12:58 pm)

Re: which monitoring do you use (on OpenBSD), James Peltier, (Tue Aug 10, 1:11 pm)

Re: which monitoring do you use (on OpenBSD), Jason Dixon, (Tue Aug 10, 3:05 pm)

Re: which monitoring do you use (on OpenBSD), Joachim Schipper, (Wed Aug 11, 2:03 am)

Re: which monitoring do you use (on OpenBSD), Jiri B., (Wed Aug 11, 1:07 pm)

Re: which monitoring do you use (on OpenBSD), Brynet, (Wed Aug 11, 4:25 pm)

Re: which monitoring do you use (on OpenBSD), Kevin Chadwick, (Fri Aug 13, 6:36 am)

Re: which monitoring do you use (on OpenBSD), Toni Mueller, (Sat Aug 14, 2:21 am)

Re: which monitoring do you use (on OpenBSD), Stuart Henderson, (Sat Aug 14, 6:08 am)

Re: which monitoring do you use (on OpenBSD), Eugene Yunak, (Sat Aug 14, 1:59 pm)

Re: which monitoring do you use (on OpenBSD), Jiri B., (Sat Aug 14, 2:16 pm)

Re: which monitoring do you use (on OpenBSD), bofh, (Sat Aug 14, 2:28 pm)

Re: which monitoring do you use (on OpenBSD), Eugene Yunak, (Sat Aug 14, 6:32 pm)

Re: which monitoring do you use (on OpenBSD), Jason Dixon, (Sat Aug 14, 9:01 pm)

Re: which monitoring do you use (on OpenBSD), Bryan Irvine, (Sat Aug 14, 11:49 pm)

Re: which monitoring do you use (on OpenBSD), viq, (Sun Aug 15, 4:02 am)

Re: which monitoring do you use (on OpenBSD), viq, (Sun Aug 15, 4:09 am)

Re: which monitoring do you use (on OpenBSD), Toni Mueller, (Thu Oct 14, 6:36 am)


linux-kernel:
Greg Kroah-Hartman	[PATCH 01/75] platform: prefix MODALIAS with "platform:"
stephane eranian	Re: perf_counters issue with PERF_SAMPLE_GROUP
Mathieu Desnoyers	Re: Linux 2.6.25-rc2
Eric Sandeen	Re: [PATCH] xfs: do not pass unused params to xfs_flush_pages
Daniel Hazelton	Re: x86: 4kstacks default
git:
Johannes Schindelin	[PATCH] fetch: refuse to fetch into the current branch in a non-bare repository
Junio C Hamano	Re: [PATCH] http-push: making HTTP push more robust and more user-friendly
Oliver Kullmann	Re: how to move with history?
Alex Riesen	Re: git exclude patterns for directory
Andreas Ericsson	Re: why not TortoiseGit
linux-netdev:
Andi Kleen	Re: RFC: Nagle latency tuning
Herbert Xu	Re: Oops in tun: bisected to Limit amount of queued packets per device
gregkh	Patch "IPv6: keep route for tentative address" has been added to the 2.6.34-stable...
Patrick McHardy	Re: [rfc 02/13] [RFC 02/13] netfilter: nf_conntrack_sip: Add callid parser
Krzysztof Oledzki	Re: Error: an inet prefix is expected rather than "0/0".
git-commits-head:
Linux Kernel Mailing List	sh: Fix compile error by operands(mov.l) in sh3/entry.S
Linux Kernel Mailing List	New device ID for sc92031 [1088:2031]
Linux Kernel Mailing List	tmpfs: depend on shmem
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	Staging: et131x: prune all the debug code
openbsd-misc:
Andres Salazar	About priorities in /etc/resolv.conf
Tonnerre LOMBARD	Re: bge0: watchdog timeout
ropers	Re: Real men don't attack straw men
Damien Miller	Re: Patching a SSH 'Weakness'
Tony Abernethy	Re: The Atheros story in much fewer words