pwncollege / dojo

Infrastructure powering the pwn.college dojo
https://pwn.college
BSD 2-Clause "Simplified" License

Improved Logging #91

Open ConnorNelson opened 2 years ago

ConnorNelson commented 2 years ago

Analyzing and grabbing logs is terrible.

For example, `docker logs nginx_proxy` is an incredibly slow command that goes back through months of history. `docker logs --since=1m nginx_proxy` takes forever to process.

We should reconfigure logging: https://docs.docker.com/config/containers/logging/configure/

I hear Splunk is cool; we should configure logging to Splunk. It also seems we can do some "dual logging capability". Maybe we can keep the last week of logs (might have to specify with a file size only), and then also log to Splunk. Hopefully we can just put a Splunk key into our config.env, and roll from there.

ConnorNelson commented 2 years ago

Or actually, let's be FOSS and go the Fluentd route:

https://docs.fluentd.org/v/0.12/articles/free-alternative-to-splunk-by-fluentd
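
One way the setup proposed in this thread could look in Docker Compose, as an added example that is not from the issue or from the dojo repository: the `nginx_proxy` container ships logs to a Fluentd collector while Docker keeps a small, size-capped local cache so `docker logs` stays fast. The images, the `fluentd` service name, the tag format and the size values are assumptions chosen for illustration.

```yaml
# Added example, not the dojo's actual compose file.
services:
  nginx_proxy:
    image: nginx                       # placeholder image (assumption)
    depends_on:
      - fluentd
    logging:
      driver: fluentd
      options:
        # The Docker daemon on the host opens this connection, so the
        # address is resolved from the host, not from inside a container.
        fluentd-address: "127.0.0.1:24224"
        # Do not block container start or stdout if the collector is down.
        fluentd-async: "true"
        tag: "docker.{{.Name}}"
        # "Dual logging": local cache that backs `docker logs` when a remote
        # driver is used (Docker Engine 20.10+). Rotation is by size and file
        # count only; there is no time-based retention option.
        cache-max-size: "50m"          # constructed value
        cache-max-file: "5"            # constructed value
        cache-compress: "true"

  fluentd:
    image: fluent/fluentd              # pin a specific tag in real use
    ports:
      # Publish the forward port on loopback only, so other hosts
      # cannot inject or read log traffic.
      - "127.0.0.1:24224:24224"
    logging:
      # The collector logs locally with rotation, to avoid feeding
      # its own output back into itself.
      driver: json-file
      options:
        max-size: "10m"                # constructed value
        max-file: "3"                  # constructed value
```

The new logging options apply only to containers created after the change, so an existing `nginx_proxy` container has to be recreated before its months of accumulated history stop slowing down `docker logs`.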