Posted on 18th August 2007 by Taggy

Maintaining a Unix/Linux-based server is not easy, especially with so many log files, and if you have to trace an attack on your system, you end up going through /var/log/whatnot :).

Many a time when I needed to look at some clean logs, such as my sendmail logs or HTTP logs, looking through the text files can be a horrible experience.

Today I came upon Splunk. It's a wonderful tool to analyze log files and provides you with an easy and intuitive user interface.

First, the screenshots:

[Screenshots: Splunk (two images)]

Steps to get Splunk up and running:

  • Download Link
  • tar -zxvf filename.tar.gz
  • cd filename
  • . ./bin/setSplunkEnv (sourced, so the environment variables apply to the current shell)
  • ./bin/splunk start

Now you should be able to run Splunk and visit the Splunk page at http://localhost:8000

It's a very useful tool and I am sure to be setting it up :) Maybe those who maintain big servers should take a look at it.
