[tor-bugs] #29393 [Internal Services/Tor Sysadmin Team]: Set up a loghost
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 25 19:32:22 UTC 2019
#29393: Set up a loghost
-------------------------------------------------+---------------------
Reporter: ln5 | Owner: tpa
Type: task | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+---------------------
Comment (by anarcat):
so just to formalize this, here are the questions we should answer first
here:
1. what is the purpose of setting up a log host? I can imagine a few
reasons myself, but would prefer if that was stated in the request
2. do we use syslog or something else that's more searchable? (ELK, Loki,
etc)
3. do we still log on the individual hosts? or do we '''forward''' all
the logs on the central server and keep nothing locally? (because that
could break stuff like the postfix exporter)
4. what about non-syslog logs? should those be centralized as well?
5. which hardware?
I'd be down for setting up something like this and, in the infrared
working groups, there's been talk of looking at this problem specifically.
I know a fellow sysadmin has been experimenting with "log forwarding" that
is, a simple syslogd running on a central server, and all other syslogd
'''forward''' their logs to the server, and write nothing locally. They
are worried about disks being overloaded with I/O and things relying on
logs on the remote servers being present, but so far things go well.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29393#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list