Re: [exim] Analysis of Exim Log data

From: Matthew Newton
Date:  
To: Dean Hamstead
CC: exim-users
Subject: Re: [exim] Analysis of Exim Log data
On Wed, Aug 17, 2016 at 01:58:10PM +1000, Dean Hamstead wrote:
> I have reworked this a few times for various projects
>
> http://www.le.ac.uk/users/mcn4/exim-snmp-stats/


Wow, I don't even remember writing that...!

So even more surprised that anyone still uses it :)

I don't even use its successor, "statcounter", any more (though I
don't think I ever published that). These days I feed the logs
into elasticsearch via logstash, and plot with kibana.

I started my "ELK adventure" by following Graeme's blog at
https://graemef.wordpress.com/tech-stuff/exim-logstash/ a couple
of years ago, and the mappings for exim used there are still
largely what we use today, though hoping to rebuild the exim
indexes soon with new mappings that are more suited to the way
exim logs things.

Since everyone saw Kibana, nobody really cares anymore about RRD
type graphs for log files. Though we do lack the historical
aspect, as we purge log files after a few months.

If I were starting from scratch now, I would feed the logs into
elasticsearch via logstash, and then take the log data from there
(either at the logstash stage, or by reading from elasticsearch)
and distil into stats that can be fed into graphite or rrdtool (or
even another elasticsearch "stats only" index) for more historical
trends. That way gives the best of both worlds.

Matthew



--
Matthew Newton, Ph.D. <mcn4@???>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp@???>
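
An added sketch of the "distil into stats" step described in the message above (not code from the poster or from any project mentioned): it reads raw Exim mainlog lines directly, rather than from logstash or elasticsearch, and counts events per minute as Graphite plaintext lines. The `mail.exim` metric prefix, the event names and the sample log lines are constructed for illustration, and timestamps are assumed to be UTC.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Exim mainlog flags mapped to (hypothetical) metric names.
FLAGS = {"<=": "received", "=>": "delivered", "->": "delivered",
         "==": "deferred", "**": "failed"}
STAMP = r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}):\d{2} "
EVENT_RE = re.compile(STAMP + r"\S+ (<=|=>|->|==|\*\*) ")  # timestamp, message id, flag
REJECT_RE = re.compile(STAMP + r".* rejected ")            # SMTP-time rejections carry no id

# Constructed sample lines in Exim's default mainlog layout.
SAMPLE = [
    "2016-08-17 03:58:10 1bZr3X-0001Ab-2C <= alice@example.org H=mx.example.org [192.0.2.10] P=esmtp S=1834",
    "2016-08-17 03:58:11 1bZr3X-0001Ab-2C => bob@example.net R=dnslookup T=remote_smtp H=mail.example.net [198.51.100.5]",
    "2016-08-17 03:58:11 1bZr3X-0001Ab-2C Completed",
    "2016-08-17 03:58:40 H=(spam) [203.0.113.9] F=<x@example.com> rejected RCPT <y@example.net>: relay not permitted",
    "2016-08-17 03:59:02 1bZr4B-0001Ac-7K <= carol@example.org H=mx.example.org [192.0.2.10] P=esmtp S=912",
    "2016-08-17 03:59:03 1bZr4B-0001Ac-7K == dave@example.net R=dnslookup T=remote_smtp defer (-53): retry time not reached",
]

def distil(lines, prefix="mail.exim"):
    """Count log events per minute and return Graphite plaintext lines
    of the form '<metric path> <value> <unix timestamp>'."""
    counts = Counter()
    for line in lines:
        m = EVENT_RE.match(line)
        if m:
            event = FLAGS[m.group(2)]
        else:
            m = REJECT_RE.match(line)
            if not m:
                continue  # "Completed", queue-runner notes, etc.
            event = "rejected"
        # Assumption: timestamps are treated as UTC (Exim logs local time by default).
        minute = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M")
        ts = int(minute.replace(tzinfo=timezone.utc).timestamp())
        counts[(ts, event)] += 1
    return [f"{prefix}.{event} {n} {ts}"
            for (ts, event), n in sorted(counts.items())]

if __name__ == "__main__":
    print("\n".join(distil(SAMPLE)))
```

Because the output keeps only per-minute counters, it can be retained long after the raw log files have been purged.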