Analyze log files with splunk
Posted on 18th August 2007 by TaggyMaintaining a unix/linux based server is not easy ,especially with so many log files and if you were to trace an attack on your system ,it goes from /var/log /whatnot :) .
Many a times when i needed to look at some clean logs like my sendmail logs ,http logs ,looking through the text files can be a horrible experience .
Today i came upon splunk .Its a wonderful tool to analyze log files and provides you with an easy and intuitive user interface .
First the screenshots
And another ..
Steps to get splunk up and running
- Download Link
- tar -zxvf filename.tar.gz
- cd filename
- ./bin/setSplunkEnv
- ./bin/splunk
and now you must be able to run splunk ,and visit the splunk page at http://localhost:8000
Its a very useful and iam sure setting it up :) may be for those who maintain big servers should take a look at it .
[tags]splunk,server[/tags]
Hmm…..looks great, that’s onto my TODO.. :)
Praveen,
You might want to take a look at EventTracker. It is a far more robust and scalable solution. Call me if you’d like discuss this or check out a live demonstration.
Regards,
Sam
443-539-3744
