A customer has a number of different devices on the network: Cisco switches, Vyatta routers, Linux servers, VMware hosts and guests, .... All these devices generate various kinds of log files. The goal is to get all these logs transmitted to one platform for review and analysis. Splunk is the best known option, but it can carry onerous licensing fees. For smaller organizations, something like Fluentd might be more value oriented.
From an initial view, I think I'll need two or more blog entries to describe my experience with getting Fluentd up and running. The first entry reflects what I did to get Fluentd up and running on a single server, with logs originating from that one server. The second entry will describe what it takes to get Fluentd working in a more distributed manner.
For this first article, I found that the installation mechanism for the most recent versions of Fluentd deviates somewhat from what is generally documented. I had to search through a number of sites in order to piece together what I needed for a working configuration. The platform used is Ubuntu, based on the ubuntu-14.04-server-amd64.iso image.