Operations | Monitoring | ITSM | DevOps | Cloud

In the log aggregation game, the biggest difficulty you face can be setting up parsing rules for your logs. To qualify this statement: simply getting log files into Graylog is easy. Graylog also has out-of-the-box parsing of a wide variety of common log sources, so if your logs fall into one of the many categories of log for which there is either a dedicated Input; a dedicated Illuminate component; or that uses a defined Syslog format; then yes, parsing logs is also easy.

On the information superhighway, an IP address is a series of numbers telling the location of a digital resource, similar to having a street address for a building. However, when all you know is the street address, you have no idea what the building itself looks like. If you’re a visual person, you might insert that address into Google Maps to pull up a picture of the building so you have a marker to help find a drive.

If you’ve dropped your house key in tall grass, you know how difficult it is to locate a small item hiding in an overgrown field. Perhaps, you borrowed a metal detector from a friend, then returned to the field hoping to get the loud beep that indicates finding metal in an otherwise organic area. Trying to find patterns in strings of data is the same process.

When you get behind the wheel of your car, one of the first things you see is the dashboard. Your dashboard provides various information about all the different technologies that make the car run smoothly, like helping you control your speed, providing insight into your fuel levels, and offering suggestions for regular maintenance, like oil changes. For developers, Kubernetes acts as that one-glance dashboard to provide insights about container performance, maintenance needs, and storage requirements.

Syslog was developed in the 1980s by Eric Allman as part of the Sendmail project and adopted by many systems over the years. When looking at Syslog, there are a few protocol options, each with slight differences. In this reference guide, I’ll break down the differences so that you have a guide to see these formats when utilizing this protocol.