Decentralized Log and Centralized Log Analysis
- To demonstrate this, I will be installing:
  - Apache on Linux
  - IIS on Windows Server
  - Some application on a Linux server
- I will use these applications, and then we will look at the logs they produce.
Each application or operating system logs its data somewhere, but:
- They have different formats
- Logs are text records which are not queryable.
- Logs are located on their respective servers. Searching for an error message by logging in to each server is a cumbersome activity. This is decentralized logging.
- If we export the logs from all the servers into some common/central location, this is referred to as a centralized log server.
- If we can make logs queryable, it will save much more time.
- If we can build charts, it will be much easier to troubleshoot.
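To make the "different formats" and "queryable" points concrete, the following added example (not part of the original page) parses Apache access-log lines and IIS W3C log lines into one common record shape and then runs a single query across both. The log lines and the host names `linux-web` and `win-web` are constructed for illustration, and an in-memory list stands in for the central log server.

```python
import re
from datetime import datetime, timezone

# Constructed sample lines, standing in for logs collected from two servers.
APACHE_LOG = '''203.0.113.7 - - [10/Mar/2024:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "curl/8.0"
203.0.113.7 - - [10/Mar/2024:13:55:40 +0000] "POST /cart HTTP/1.1" 500 512 "-" "curl/8.0"'''
IIS_LOG = '''#Software: Microsoft Internet Information Services 10.0
#Fields: date time cs-method cs-uri-stem c-ip sc-status
2024-03-10 13:56:02 GET /login.aspx 198.51.100.9 500
2024-03-10 13:56:05 GET /default.aspx 198.51.100.9 200'''

APACHE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+')

def parse_apache(text, host):
    """Apache common/combined access log -> normalized records."""
    for line in text.splitlines():
        m = APACHE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the access-log layout
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        yield {"host": host, "time": ts.astimezone(timezone.utc), "client": m["ip"],
               "method": m["method"], "path": m["path"], "status": int(m["status"])}

def parse_iis(text, host):
    """IIS W3C extended log -> normalized records; columns come from #Fields."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            # W3C-format IIS logs record date and time in UTC.
            ts = datetime.strptime(row["date"] + " " + row["time"], "%Y-%m-%d %H:%M:%S")
            yield {"host": host, "time": ts.replace(tzinfo=timezone.utc), "client": row["c-ip"],
                   "method": row["cs-method"], "path": row["cs-uri-stem"], "status": int(row["sc-status"])}

def central_store():
    """Merge both sources into one time-ordered list (the 'central' copy)."""
    records = [*parse_apache(APACHE_LOG, "linux-web"), *parse_iis(IIS_LOG, "win-web")]
    return sorted(records, key=lambda r: r["time"])

def server_errors(records):
    """One query over every server: all HTTP 5xx responses."""
    return [(r["host"], r["path"]) for r in records if r["status"] >= 500]

if __name__ == "__main__":
    for host, path in server_errors(central_store()):
        print(host, path)
```

Once both sources share the same field names and UTC timestamps, the 5xx query no longer needs to know which server or log format a record came from.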
Generalized Architecture for Centralized Logging
Elastic Stack Architecture