This article details all the steps needed to build a centralized logging architecture on Linux systems. If you are a Linux system administrator, you probably spend a lot of time browsing your log files to find relevant information about past events. Most of the time, you are not working with a single machine but with many different Linux machines, each with its own local log storage. To browse logs across all of them, you would have to connect to each machine individually, locate its logs and search for the information you are looking for. And that assumes you can physically access the machine, that the machine is up, and that you are not denied access to it.