logsniffer
Logging on UDP and TCP socket without monitoring
Hello,
Could I suggest monitoring a UDP/TCP port, like syslog?
Thanks.
Hi,
thanks for the feature request! logsniffer's development is focused at the moment on log sources with a 'temporal' persistence like files, db, etc. For those, logsniffer is going to provide the fastest and smartest log analysis experience. Stream log sources like UDP/TCP are in my mind a specialty of log forwarding tools like syslog, syslog-ng, rsyslog, fluentd etc. All these tools deal with network issues like security, reliability etc. very well. This is an area I actually don't see as relevant for logsniffer, because the mentioned tools can be combined with logsniffer perfectly. Did you see my blog post about using syslog-ng for forwarding logs via UDP/TCP to a central destination with logsniffer installed on it for log analysis http://www.logsniffer.com/central-log-management-recipe/ ? Does it fit your requirements?
Best, Michael
@mbok You're right, a service like syslogd may store and manage logging records. I will explain why syslogd is an awkward and heavy solution. I have a case that requires more attention on one node in a distributed microservice. I can dynamically set up the configuration and switch the logging flow to another syslog server, for example on a server with logsniffer, and start debugging as quickly as possible. It takes a lot of time to reconfigure syslogd and keep a ready configuration (and as your infrastructure grows you totally require a system for this logging platform). Now I simply handle all syslog messages with a script and merge them into one logging file, and later I filter it with grep. Another way, filtering by logsniffer on a daemon, is an awesome idea.
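
The script-based workaround described in the last comment (receive syslog datagrams, merge them into one file that grep or logsniffer can read) could look like the following. This is an added example, not code from the thread or from the logsniffer project; the function names, the loopback bind, port 5514, the `merged.log` path and the record layout are all assumptions. It escapes control characters so that one untrusted datagram can never become more than one line in the merged file.

```python
import re
import socket
from datetime import datetime, timezone

PRI_RE = re.compile(r"^<(\d{1,3})>")
MAX_LEN = 2048  # assumed cap on how much of one datagram is kept


def parse_pri(line):
    """Split a leading syslog <PRI> into (facility, severity, rest).

    Returns (None, None, line) when the prefix is missing or out of range.
    """
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:
        return None, None, line
    pri = int(m.group(1))
    return pri >> 3, pri & 7, line[m.end():]


def to_record(datagram, sender_ip, ts=None):
    """Turn one untrusted datagram into exactly one line for the merged file."""
    text = datagram[:MAX_LEN].decode("utf-8", errors="replace").rstrip("\r\n")
    # Escape CR/LF and other control characters: a sender must not be able
    # to append forged entries by embedding newlines in its message.
    text = "".join(c if c.isprintable() else "\\x%02x" % ord(c) for c in text)
    facility, severity, rest = parse_pri(text)
    ts = ts or datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    # The sender address comes from the socket, not from the message body.
    return f"{ts} {sender_ip} fac={facility} sev={severity} {rest}"


def serve(path, host="127.0.0.1", port=5514):
    """Append every received datagram to `path` as a single line."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((host, port))
        with open(path, "a", encoding="utf-8") as out:
            while True:
                data, (ip, _port) = sock.recvfrom(65535)
                out.write(to_record(data, ip) + "\n")
                out.flush()  # keep the file current for a tailing viewer


if __name__ == "__main__":
    serve("merged.log")
```

Plain UDP syslog is unauthenticated, so the recorded sender address is only as trustworthy as the network path between the node and the collector.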