|
|
|
|
|
|
by newaccoutnas
2512 days ago
|
|
|
There's RELP[1] but if you can don't use syslog's protocol. You could use something like the beat protocol (if using ELK stack) or just a plain old message queue. Things like logstash (and fluentd etc) can have multiple input/output targets. You'd have something like filebeat or fluentd reading the logs locally and then shipping via that protocol to a central system where they'd be ingested. For application logging, definitely use structured data (like JSON, for example) over log-lines. It's easier to parse in the long-run. 1: https://en.wikipedia.org/wiki/Reliable_Event_Logging_Protoco... |
|
|