Suggestions for better syslog server and viewer

agilani

Very Senior Member
Anyone have any recommendations for a better syslog server and viewer app for the qnap? I'm getting tired of having to maintain a vm to run elastic or graylog.
 

sfx2000

Part of the Furniture
Anyone have any recommendations for a better syslog server and viewer app for the qnap? I'm getting tired of having to maintain a vm to run elastic or graylog.

Are you running a VM on the QNAP?
 

agilani

Very Senior Member
Are you running a VM on the QNAP?

at first i install elk on the qnap directly, but every time I'd update it it would wipe out all of the configs
then i installed it on a vm, but got tired of maintaining it separately
for now i'm using the build in syslog server which is the worst i've seen

with all of the qnap apps, i'm surprised there isn't a better one.
 

sfx2000

Part of the Furniture
at first i install elk on the qnap directly, but every time I'd update it it would wipe out all of the configs
then i installed it on a vm, but got tired of maintaining it separately
for now i'm using the build in syslog server which is the worst i've seen

with all of the qnap apps, i'm surprised there isn't a better one.

Virtualization Station with Ubuntu 16.04 running the ELK stack was going to be my suggestion :D

(as @agilani notes above - running apps directly on QTS can be problematic, even if they're in the QTS app store)

Key thing I've learned over time is that with complicated apps like ELK, once one has a working config, treat it like a hive of angry bees when considering any changes - with a VM, one can isolate it and keep it secure with defense in depth.

(I like ELK, as it's similar to Splunk in many ways)

The built-in syslog viewer on QNAP is barely functional, I agree...
 

agilani

Very Senior Member
Virtualization Station with Ubuntu 16.04 running the ELK stack was going to be my suggestion :D

(as @agilani notes above - running apps directly on QTS can be problematic, even if they're in the QTS app store)

Key thing I've learned over time is that with complicated apps like ELK, once one has a working config, treat it like a hive of angry bees when considering any changes - with a VM, one can isolate it and keep it secure with defense in depth.

The built-in syslog viewer on QNAP is barely functional, I agree...

LOL,
agreed - every time i fiddle with it something breaks.

I even tried to use the elk docker containers, that was another bad idea.

Will probably try graylog next. I hate having to write a custom parser for it though.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top