One log to rule them all.
It would be good to have logstash for at least tools-ops logs, which includes
- basic system logging (dmesg / syslog)
- all the mails that now end up in my inbox ;-)
- infra logging (puppet, apt, diamond)
- mail (exim on tools-mailrelay)
- SGE (what kind of logs do we have there?)
- bigbrother actions
- Redis?
- ssh (also useful to help people with issues logging in)
Most importantly in practice would be the logs that relate to warnings from shinken-wm, which includes:
- puppet staleness/failures
- ssh
and the issues we get mails about, which are:
- sge
- apt
- raid??
- exim paniclog