Archive
Posts in Monitoring
Riemann and the case of the unhappy system call
This past weekend I spent a good deal of time playing with riemann. Riemann is a powerful stream processor and I'm hoping to use it to correlated and analyze metrics from disparate data sources. After downloading and installing it I received the following error: Not exactly what I was exepecting on our first date but I guess riemann plays hard to get. :) To make a little more sense out of this error I fired up strace to retrieve the ERRNO value and to see which system call was failing: Now that hits the spot…
$ read more →Visualizing syslog data with LogAnalyzer and rsyslog-mysql
I recently discussed setting up rsyslog to write syslog data to a MySQL databas e. Once you get this set up, you can start writing SQL statements to view the data in various ways. The next logical step is visualizing your data, and that's where LogAnalyzer comes in. LogAnalyzer is a PHP application that can be used to visualize syslog data…
$ read more →How to get around the PHP strftime() It is not safe to rely on the system's timezone settings warning
When I was playing around with the LogAnalyzer Statistics page I received the following error in each of the display boxes: In the error message it provides two solutions to address this issue: Use the date.timezone php.ini entry. Call date_default_timezone_set() to set the timezone. I went with #1 and set date.timezone to the following: I restarted Apache and everything is now working. I like easy fixes…
$ read more →Using the rsyslog MySQL plug-in to send syslog data to a SQL database
I have been experimenting with ways to better manage the logs my servers generate. Depending on who you ask, folks will recommend sending your logs to a remote syslog server that writes the logs to disk, some may recommend sending it to a log analysis tool similar to splunk, and others would recommend feeding it to a SQL database. I've talked before about setting up syslog-ng for remote logging, and in this case I wanted to experiment with something new. I also didn't have money to buy a tool like splunk, so I decided to start experimenting with funneling syslog data into a MyQSL database…
$ read more →Debugging syslog-ng problems
While debugging the syslog-ng issue I mentioned previously, I needed to be able to observe the syslog-ng pattern matches as they occurred. The syslog-ng daemon has a couple of useful options to assist with this. The first is the "-e" option, which causes the daemon to log to stdout. The second is the "-F" option, which stops the daemon from forking…
$ read more →