Tag-Archive for ◊ splunk ◊

The server every admin needs, part 3
Thursday, July 16th, 2009 | Author: Ozzik

So here we go, we have Xymon, Ntop and Plone already installed.
We’re left with Splunk, syslog-ng and a small surprise afterwards.

Splunk is not really open source software, but it’s definitely the best there is so far. It is free though, I mean, if you have less than 500MB of indexed data a day. Some will say it’s way more than they need, but then again some will say they have 10 times more than that on their least busy day.
I do know that if you want to get a license - it will cost a lot of money. I think they even removed the prices from their website - not to scare people off:) To download the software you’ll have to register - no big deal.

Download it from here. Note this line when you choose your version: 2.4+ kernel Linux distributions with NPTL / x86 2.6+ kernel Linux distributions / x86.
It’s not very clear, but if you need x86 - this is the one you want, don’t be fooled by the 2.4 kernel at the beginning of the line. I was - downloaded the 64bit version instead and sat for 15 minutes trying to figure out why it’s not working.

The server every admin needs
Wednesday, July 15th, 2009 | Author: Ozzik

Hi,

Over the years working in IT I came to a conclusion every admin comes to - you have to have a server that does all the things that sometimes you underestimate the importance of.  Those would be logging, monitoring, documenting, analyzing. If you’re not new to this field - you’ll sure know what I’m talking about, but if you are - this may very well be the guide to your future professional happiness:)

Anyway, there are tons, and I mean tons of software willing to do those tasks, so 9 out of 10 people will jump and say they use a better one. But the ones I’m gonna discuss here are the ones that worked for me for some specific reason, or maybe even without one;)

So what are we building? We’re gonna build a monitoring server that uses Xymon (ex-Hobbit) software, Syslog-ng logging, Ntop network traffic probe, Plone documentation server and Splunk log analyzer. I also plan to add the Observer for SNMP or otherwise integrate SNMP into Xymon. But that’s later. Just FYI I built this server to serve my own needs about 2 years ago, starting only with Hobbit and adding all the other software according to the needs, but as the new versions of software and OS were released I decided to rebuild the whole thing instead of upgrading. This time I documented the whole thing too. So let’s get to it.
