Best way to aggregate multiple log files from several servers


Question

I need a simple way to monitor multiple text log files distributed over a number of HP-UX servers. They are a mix of text and XML log files from several distributed legacy systems. Currently we just ssh to the servers and use tail -f and grep, but that doesn't scale when you have many logs to keep track of.

Since the logs are in different formats and just files in folders (automatically rotated when they reach a certain size) I need to both collect them remotely and parse each one differently.

My initial thought was to make a simple daemon process that I can run on each server using a custom file reader for each file type to parse it into a common format that can be exported over the network via a socket. Another viewer program running locally will connect to these sockets and show the parsed logs in some simple tabbed GUI or aggregated to a console.

What log format should I try to convert to if I am to implement it this way?

Is there some other easier way? Should I attempt to translate the log files to the log4j format to use with Chainsaw or are there better log viewers that can connect to remote sockets? Could I use BareTail as suggested in another log question? This is not a massively distributed system and changing the current logging implementations for all applications to use UDP broadcast or put messages on a JMS queue is not an option.

Recommended answer

Options:

  1. Use a SocketAppender to send all logs to 1 server directly. (This could severely hamper performance and add a single point of failure.)
  2. Use scripts to aggregate the data. I use scp, ssh, and authentication keys to allow my scripts to get data from all servers without any login prompts.

Other recommended answer

Probably the lightest-weight solution for real-time log watching is to use Dancer's shell in concurrent mode with tail -f:

dsh -Mac -- tail -f /var/log/apache/*.log
  • The -a is for all machine names that you've defined in ~/.dsh/machines.list
  • The -c is for concurrent running of tail
  • The -M prepends the hostname to every line of output.

Other recommended answer

We use a simple shell script like the one below. You'd, obviously, have to tweak it somewhat to tell it about the different file names and decide which box to look for which on but you get the basic idea. In our case we are tailing a file at the same location on multiple boxes. This requires ssh authentication via stored keys instead of typing in passwords.

#!/bin/bash
FILE=$1
for box in box1.foo.com box2.foo.com box3.foo.com box4.foo.com; do
     ssh "$box" tail -f "$FILE" &
done

Regarding Mike Funk's comment about not being able to kill the tailing with ^C, I stored the above in a file called multitails.sh and appended the following to the end of it. This creates a kill_multitails.sh file which you run when you're done tailing, and then it deletes itself.

# create a bash script to kill off 
# all the tails when you're done
# run kill_multitails.sh when you're finished

echo '#!/bin/sh' > kill_multitails.sh
chmod 755 kill_multitails.sh
echo "$(ps -awx | grep "$FILE")" > kill_multitails_ids
# ps may right-align the PID column, so allow leading whitespace
perl -pi -e 's/^\s*(\d+).*/kill -9 $1/g' kill_multitails_ids
cat kill_multitails_ids >> kill_multitails.sh
echo "echo 'running ps for it'" >> kill_multitails.sh
echo "ps -awx | grep $FILE" >> kill_multitails.sh
echo "rm kill_multitails.sh" >> kill_multitails.sh
rm kill_multitails_ids


wait
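
An alternative to the generated kill script, as an added example that is not from any of the answers above: the script records the PID of each ssh child it starts and terminates exactly those on ^C, and it quotes the file name for the remote shell. The host names are the placeholders from the answer; the `HOSTS` and `REMOTE` variables and all function names are assumptions of this example.

```shell
#!/bin/bash
# Added example (not from the original answers): tail one file on several
# hosts and stop every ssh child on ^C by its recorded PID.

# Placeholder host names taken from the answer above; override via HOSTS.
HOSTS="${HOSTS:-box1.foo.com box2.foo.com}"
# BatchMode makes ssh fail instead of prompting when key auth is not set up.
REMOTE="${REMOTE:-ssh -o BatchMode=yes -o ConnectTimeout=5}"
PIDS=""

# Single-quote a string for the remote shell, so spaces or metacharacters
# in the file name are passed as data and never run as a command there.
remote_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Start one background tail per host and remember each child PID.
start_tails() {
    for box in $HOSTS; do
        # "--" ends option parsing (assumes a POSIX-style tail on the host).
        $REMOTE "$box" "tail -f -- $(remote_quote "$1")" </dev/null &
        PIDS="$PIDS $!"
    done
}

# Terminate only the children this script started, then reap them.
stop_tails() {
    for pid in $PIDS; do
        kill "$pid" 2>/dev/null || true
        wait "$pid" 2>/dev/null || true
    done
    PIDS=""
}

multitail() {
    trap 'stop_tails; exit 130' INT TERM
    start_tails "$1"
    wait
}

# Run only when a file argument is given, e.g. ./multitail.sh /var/log/app.log
if [ $# -gt 0 ]; then
    multitail "$1"
fi
```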