[Freeipa-users] Setting up IPA to log remotely
Josh
jokajak at gmail.com
Tue Jun 3 10:53:33 UTC 2014
On Jun 3, 2014, at 4:37 AM, Innes, Duncan <Duncan.Innes at virginmoney.com> wrote:
> I'm starting to log IPA to a central point too. I'd hoped the A part of
> IPA would have arrived, but other functionality has pushed it down the
> priority list. Would be good to see it arrive as something integrated
> with systemd/journald with fully separated log fields instead of a
> simple log text line.
>
> For now, rsyslog does a decent job of sending the logs over the network
> and I'm using logstash to parse logs and pop them into elasticsearch for
> analysing via Kibana. I've had most trouble with the rsyslog side of
> things, but that's because I tried to get rsyslog to send in JSON format
> rather than plain text. Once I reigned in my ambition, it proved to be
> somewhat easier -
>
Any chance you could share your kibana configuration?
> All I've added to RHEL6 client is a file /etc/rsyslog.d/logstash.conf
> with contents:
>
> *.* @logstash.example.com:5544
>
> and (firewalls permitting) my logs end up at the logstash server for
> parsing.
>
> Duncan
<snip>
-josh
More information about the Freeipa-users
mailing list