As the title says, what logging and/or alerting setup do you have? I’ve used graylog in the past, but find it a bit too complex and “heavy”. I would like to something a bit more lightweight. Alternatives I’ve looked into:
- Dozzle - this looks nice, and would have been a perfect fit but it looks like it’s only for docker containers, I would like to collect all syslogs and everything in one place
- Grafana Loki - Haven’t looked too much into this, but considering replacing Graylog with this. I don’t know if it feels less complex so I’m a bit on the fence.
Any other recommendations?
I found graylog and the likes nice but as you said heavy on resources. I now have a central rsyslog server (on debian 12) that first does some filtering of log lines I don’t care about and then stores log in postgress. Grafana lives on that same host and I’m very happy with it. It performs quite well with just a fraction of resources graylog had as bare minimum. (The server has 4 sockets and 8Gb mem, storage to SSD while 4 firewalls, 3 switches, 4 AP’s and 20 servers logging to it) In the proxmox console I see 2Gb mem is used and the cpu is bored (<5%)
Graylog is probably one of the more simple log aggregators out there, so if that was a bit much, you’re in for a surprise.
SigNoz is probably the best all in one tooling out there at the moment. It’s also a bit heavy, but it’s an open source alternator DataDog, so there’s a lot happening.