I’m looking for a tool to monitor syslog traffic.
I have tried Graylog and many others but have not really found one tool I was happy with. Then I thought about Icinga, which I was looking into once back in the day.
I also decided to go with Docker because… well, many reasons.
My problem with these decisions is the learning curve, since I’m new to Icinga and Docker.
I got Icinga up and running in Docker fairly easily, nice job on the documentation there.
Then I snooped around a bit and finally decided to go about trying out syslog monitoring.
I found this in the documentation:
So it seems I need to add sysloger as an object type. But I’m a bit confused as to how to use the documentation in a Docker context? If I need to at all?
I can see lots of the client setups in Icinga are done through conf files in a text editor, much like Nagios, but should I also edit conf files when using Docker? Because this seems a little more tricky for future setups?
Basically I’m just going for an Icinga setup that just eats up and processes ANY syslog input it may get on port 514 UDP/TCP.
Could someone push me in the right direction? I would be grateful, because now I seem a little stuck.