Skip to content

Logging

The more you have, the more you need

Image generated by MagicStudio AI

When I surpassed 3 servers managed I started to feel the need to have better visibility into what was going on. At first my ecosystem was all Ubuntu based so Cockpit as a centralized view was obvious and that grew to about 7 servers logging managed this way. At this point I was administering a Wireguard server so all the connectivity for this was within a private tunnel 👍️ NO open ports... Except for your already established VPN port that you chose at random right? python -c "import random; print random.randint(1025,49151)" 😜

Distro Agnostic

Networks and system configs got more complicated with things like L2 managed Cisco switches, UPS batteries, non Debian based distributions, Windows. I needed to find a better way to centralize this data.

In the next couple posts I will cover a couple logging methods, log rotation, inspection, response.

Dashboards

Visual dashboard help make sense of all this data so we will cover searching and visualizations of the data as well.

Self-Hosted vs. Hosted

Both have their merits but its painfully obvious that I'm a self hoster' to the core. I have been fooling around with Azure for the first time and I think one of my first projects may be to play around with Azure Monitor Agent.