[syslog-ng] collecting SAR data
Jim Hendrick
james.r.hendrick at gmail.com
Tue Oct 17 15:34:53 UTC 2017
Hi,
Does anyone have experience pulling performance data from sysstat (sar)
with syslog-ng (or even *cough* rsyslog...)
Looking to automate the performance metrics and it seems like it should
be straightforward.
What I would like is to pull the text output that is generated every ~10
minutes by default without having to run a different cron across all the
systems.
(that is - I get that I could probably modify the "sa1" script or write
another one to dump the data to a socket or something for syslog to pick
up. I am hoping to just do something to monitor the data that is
automatically generated. - something like using any file in
/var/log/sa/sar?? as a source)
The end system (for me at the moment) would be splunk so parsing the
different format data *could* be pushed to that end or could be done with
patterndb or something else on the syslog-ng side.
Thoughts?
Thanks in advance!!
Jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.balabit.hu/pipermail/syslog-ng/attachments/20171017/7c612fd5/attachment.html>
More information about the syslog-ng
mailing list