Suggestions for better syslog server and viewer

[agilani]

Anyone have any recommendations for a better syslog server and viewer app for the qnap? I'm getting tired of having to maintain a vm to run elastic or graylog.

 

[sfx2000]

Anyone have any recommendations for a better syslog server and viewer app for the qnap? I'm getting tired of having to maintain a vm to run elastic or graylog.

Are you running a VM on the QNAP?

 

[agilani]

Are you running a VM on the QNAP?

at first i install elk on the qnap directly, but every time I'd update it it would wipe out all of the configs
then i installed it on a vm, but got tired of maintaining it separately
for now i'm using the build in syslog server which is the worst i've seen

with all of the qnap apps, i'm surprised there isn't a better one.

 

[sfx2000]

at first i install elk on the qnap directly, but every time I'd update it it would wipe out all of the configs
then i installed it on a vm, but got tired of maintaining it separately
for now i'm using the build in syslog server which is the worst i've seen

with all of the qnap apps, i'm surprised there isn't a better one.

Virtualization Station with Ubuntu 16.04 running the ELK stack was going to be my suggestion

(as @agilani notes above - running apps directly on QTS can be problematic, even if they're in the QTS app store)

Key thing I've learned over time is that with complicated apps like ELK, once one has a working config, treat it like a hive of angry bees when considering any changes - with a VM, one can isolate it and keep it secure with defense in depth.

(I like ELK, as it's similar to Splunk in many ways)

The built-in syslog viewer on QNAP is barely functional, I agree...

 

[agilani]

Virtualization Station with Ubuntu 16.04 running the ELK stack was going to be my suggestion

(as @agilani notes above - running apps directly on QTS can be problematic, even if they're in the QTS app store)

Key thing I've learned over time is that with complicated apps like ELK, once one has a working config, treat it like a hive of angry bees when considering any changes - with a VM, one can isolate it and keep it secure with defense in depth.

The built-in syslog viewer on QNAP is barely functional, I agree...

LOL,
agreed - every time i fiddle with it something breaks.

I even tried to use the elk docker containers, that was another bad idea.

Will probably try graylog next. I hate having to write a custom parser for it though.

 

[DiliMe]

I would be interested in case you have found an alternative solution.

 

[Samir]

The good old 3Com Daemon has always been a staple.

 

[DiliMe]

The good old 3Com Daemon has always been a staple.

As I remember this was for windows only

 

[Samir]

As I remember this was for windows only

Yes it is, but it will be easier to find one for windows than qnap's os.

 

[ddaenen1]

I have tried several over the past years. I had Kiwi for a while but it was running on my office PC under windows and i didn't want to leave that running day and night. Then i played around with PRTG and eventually also installed greylog on a spare server i had but it was just too much overkill and got rid of it again. Currently i am using the Log Center on my Synology but to be honest, that is not a very user-friendly solution either. I was hoping that sooner or later there would be a plugin in TrueNAS and now there is a greylog plugin but as mentioned before, too much for just browsing through logs and notification so i am very interested to learn who is using what..