Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Has Anyone here tired splunk. This advertisement is going on my screen to day. It looks promising but wanting to know what others opinions are. Is it able monitor multiple servers or does each server need it's own install.. I am of course talking about one web server but mutiple servers being monitored by splunk.
Tell me you thoughts about this. Makes a great edition to server management. Also is there any other "like" packages that you would recommend.
Last edited by richinsc; 04-03-2007 at 09:39 AM.
Reason: Corrected Spelling
Yeah, I just installed it. Doesn't appear to do anything but pretty up the logs a bit and make it easier to search through them. Naturally, it asks you to buy it immediately, but it appears to not be too intrusive.
I was going to install it on my mail server when I got this message:
"Your datastore's directory structure does not seem to be correct. Do you want Splunk to correct it? [y/N]:"
That scares me. I'm going to google that right now.
I've been running Splunk for about 6 months now. I love it. Its much more than just making the logs pretty, it like google for everything in my infrastructure (logs, conf files, emails, you name it).
I have Splunk agents that forward to a central index (this required me purchasing a professional license) and I have other boxes that are using syslog-ng data to forward data over TCP 514 to my Splunk index.
That message you saw at startup: "Your datastore's directory structure does not seem to be correct. Do you want Splunk to correct it? [y/N]:" is refering to Splunk's index (they sometimes refer to the index as the datastore). My guess is that the location you specified for your index did not exist and Splunk was asking if you wanted it to create them or you moved your index but didn't update one of the conf files. Their support team is one of the most responsive groups I've dealt with, I bet if you sent them a note about your problem you would get a response in under a day.
Awesome. I never considered contacting them directly as I'm using the free version. I've actually just started using logs (gasp, I know) so this seems useful. I'm fairly sure our company will never blow $2,500 on systems administration tools.
Wondering if it would be a good solution for home use. I can't blow 2500 dollars on a sys admin tool just for the index forwarding...That is what I would need to because of the fact that I have multiple systems and would need to have information forwarded to index server to thereby display the information, I can see where it would save me time from having to log into each system.
I bet you could get away with a free license if your home load is under 500mb and you had all of your machines forward their logs via syslog. Your splunk instance could listen on 514 or tail the central syslog file
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.