Is sysklogd needed?

[brononius]

Hey,

I noticed that today, sysklogd is used for the syslogging.
Is this a requirement? Or can I change this with fe rsyslog or syslog-ng?

Reason for me asking this that i would like to add a more 'GUI' based syslogging.
And also use the server for other purposes like collecting the syslogs of other machines in my network...

[Marie.O]

afaik there is nothing in LinuxMCE that says we must have sysklogd

[brononius]

Great...

I've just installed rsyslog, and with the cacti module, i know have a nice GUI to see my logs...
Still some finetuning to do, but already i see some errors of my server that i should investigate.

[brononius]

An example of how my syslogs are looking.

Easier to look, quicker interaction/search...
At least i see that i've got a problem with my second disk for the moment...

[mkbrown69]

Nice work brononi!

Are you using the MySQL backend for rsyslog, or is cacti just parsing the logs?  If you want to get fancy, you can enable remote syslog sending on your MD's, listening on the core, and then you can run a central syslog server on the core.  We do that at work for the security guys.  Linksys and OpenWRT routers (and a few others) support sending their syslog output to a syslog host, so you could incorporate that if you wanted...

Just an FYI, Ubuntu 10.04 and newer use rsyslog.  I think most modern distros have ditched ksyslogd for rsyslog.

You might want to put up a wiki page (even if it's on your own user page) so that others can follow in your footsteps and play around with it.  It might stir up the creative juices...

In my case, I've been running collectd on my KVM virtual host and in the guests, as it can hook into the stats provided by libvirt on the host, and I can also see what's happening inside the guest via the collectd daemon running there.  To keep the stats fresh and the system responsive, I put the RRD's on a 4 GB logical volume on an SSD (I do the same with my existing MythTV/MySQL production system, and the MySQL used by my LMCE 10.04 virtual core that I'm testing (/var/lib/mysql for each of them is it's own logical volume on the SSD on the host).  Keeps the databases performing nicely and the system responsive.  Your Cacti implementation looks interesting, as some have used Cacti as a front end for the RRD's provided by collectd.

Thanks, and Happy New Year!

/Mike

[brononius]

Are you using the MySQL backend for rsyslog, or is cacti just parsing the logs?

Nope, i'm using the mysql backend.

If you want to get fancy, you can enable remote syslog sending on your MD's, listening on the core, and then you can run a central syslog server on the core.

Other devices in my network (like the switch, routers, power sensors...) are already sending their logs to the linuxMCE machine. This is/was the whole meaning of using linuxmce.That it won't only control my infrastructure, but also monitor it. And warn me about problems. fe i receive almost daily a mail from cacti that my power consumption hits 4KW. So then i know that my girlfriend is preparing some food for me...

You might want to put up a wiki page ... so that others can follow in your footsteps...

You're right, but you know, written documentation is so hard. Trying to recall each step you made...
But i promise, next week, i'll install a new linuxmce server, and redo the whole installation of cacti with all plugins/steps...