Information: Forum is in read-only mode
For details and other support options see https://www.adiscon.com/news/support-forum-set-to-read-only-mode/

remote bandwidth-limited devices and deferred log delivery

General discussions here

Moderator: alorbach

Google Ads


remote bandwidth-limited devices and deferred log delivery

Postby shirker » Wed Jan 31, 2018 6:35 pm

Hi,

I've searched around, but can find no mention of a solution for my problem - but it may be there, so please excuse any repetition if that's the case...

I have a large number of remote devices sitting on 3G/4G connections, which go merrily about their business, logging locally to flash storage, space-limited, so nicely rotated accordingly. To minimize the phone bill, only specific log messages are sent centrally, protected with TLS - e.g. for security events - so far all good...

On-demand (perhaps triggered by a device management agent), I need to upload all of those logs that have been stashed in flash - e.g. for device-specific trouble-shooting, forensics, etc.

Ideally, these historical log files travel to the same log server as those already-centralized security-related messages, so they can blend together seamlessly, and all be accessed coherently via the centralized log management toolset despite their delayed delivery. (file-transfer would be more efficient, though at this point the phone bill is the least of our worries, so I'll take the hit!).

It would be even better if this upload could also happen automatically on certain events, e.g. on recovery from a kernel panic, or other configurable events. Though the device management agent could potentially look after that automation too.

Any suggestions for off-the-shelf solutions, or if not, good approaches to weave such a solution in with rsyslog?

Cheers,
matt.
shirker
New
 
Posts: 1
Joined: Wed Jan 31, 2018 6:09 pm

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Google Ads


Return to General

Who is online

Users browsing this forum: No registered users and 0 guests

cron