We’re continually iterating on Lumberjack, our centralized log management tool powered by artificial intelligence.
So today we’re pleased to announce that Lumberjack now supports collecting from Journald server logs.
Advantages of Journald vs. Syslog
For those who have been sysadmins and DevOps engineers for a while, you will remember that the advent of Journald in 2011 was introduced to replace Syslog as the built-in solution for aggregating logs in Linux. Journald fixed many of the limitations that syslog has fermented in its 30-year lifespan, such as being limited to plain text files, unnecessary complexity, and the famed “regex horrors.”
Journald Has Its Own Limitations
But in the past 6 years since Journald was introduced, it itself has demonstrated its weaknesses in modern infrastructure (read: cloud) environments. Difficulties such as remote logging limit its usefulness in aggregating all of your systems’ log entries.
That’s where centralized log management with Lumberjack’s new Journald support make your dashboard more complete. Now, not only aggregate all your server logs, but also learn from all your Journald log messages as well.
How do I Add Journald Watches to Lumberjack?
We thought you’d never ask. It’s really easy:
(1) Navigate to the Journald tab in sources and click add watch
(2) Enter the journald unit and the lifecycle and tags just like with other Lumberjack watches
(3) New log entries will appear in the dashboard and explorer within 10 minutes
Please let us know your feedback with using Journald watches in Lumberjack by contacting Support.
If you don’t already have Lumberjack installed on your systems, get it here on a free 14-day trial (no credit card required). It does the things you wish Splunk would do, like real-time analysis, for a price you’d be happy to leave Splunk to get.
Blue Matador Staff
We are the world's first & only recommendation engine for preventing downtime. Receive specific action items to proactively fix your infrastructure.