[pve-devel] pve-firewall: using NFLOG
Alexandre DERUMIER
aderumier at odiso.com
Fri Mar 14 14:43:10 CET 2014
>>Should we log anything else?
I'll test it this weekend, but I think it's ok like this
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: "Eric Blevins" <eric at netwalk.com>, pve-devel at pve.proxmox.com
Envoyé: Vendredi 14 Mars 2014 13:21:12
Objet: RE: [pve-devel] pve-firewall: using NFLOG
> >>The whole point is that I want to have local files with "easy to
> >>parse" format, so that we can view them easily and "fast" (those files can
> have many entries!).
> yes, no problem for local file
Just applied a patch to improve the log format to:
<VMID> <LOGLEVEL> <CHAIN> <TIME> <TIMEZONE> <MSG>
see https://git.proxmox.com/?p=pve-firewall.git;a=commitdiff;h=782c4cde6b9e07130531b486f33d43234a2805ae
Should we log anything else?
> >>So I would like to have code to send data direct to log servers (using syslog
> protocol, or json, ...)
> >>We need that for pveproxy and pvefw-logger.
> >>
> >>What do you think?
> Yes, I really need a central log server, it's easier to debug, with the firewalls
> on each host, in case of a ddos for example.
>
>
> I'll check about logstash and input formats.
Thanks.
More information about the pve-devel
mailing list