srvlog - Lightweight Logs Collector System.

Supported logs formats and channels:

syslog;
logback;
snort payloads correlated with ossec alerts.

All logs are being collected in MariaDB database (MySQL supported too) and then indexed and searched by Sphinx. The middle-layer and front-end is written in pure Java hence it can be installed on many OS platforms which supported by Java, MariaDB and Sphinx.

srvlog can be used in the projects where centralized logging solution is required. As an example of such requirements is PCI DSS requirements 10.1-10.2

Software requirements:

JDK 17.0.10 and higher;
MariaDB 10.0.x and higher;
sphinxsearch 3.6.1 and higher.

Minimum system requirements:

4GB RAM;
100GB Disk space (for up to 200 thousands logs per day )
Intell i5, i7, Xeon processors.

Building and starting embedded srvlog jetty server

Build uber-jar file:

mvn clean package

Set environment variables required for embedded server:

export JETTY_PORT=8080 # server port
export JETTY_CONTEXT=/srvlog # web application context path
export JETTY_ENV_CONFIG_PATH=/path/to/jetty-env-ui.xml # server env config xml
export WEB_DESCRIPTOR_PATH=/path/to/web.xml # web application config xml
export WEB_SOCKET_ENDPOINT_PATH=/ws-log # web socket endpoint context path
export WEB_SOCKET_MAX_MESSAGE_SIZE=65535 # web socket max message size in bytes
export WEB_SOCKET_IDLE_TIMEOUT_SECONDS=300 # web socket idle timeout in seconds
export SYSLOG_PROTOCOL=tcp # syslog protocol
export SYSLOG_HOST=localhost # syslog host
export SYSLOG_PORT=2514 # syslog port
export JSON_ADAPTER_BIND_ADDRESS=127.0.0.1 # json adapter bind address
export JSON_ADAPTER_PORT=28080 # json adapter port
export JSON_ADAPTER_PATH=/save-logs # json adapter path
export JSON_ADAPTER_TOKEN=token # json adapter token
export SPHINX_HOST=localhost # sphinx host
export SPHINX_PORT=9312 # sphinx port
export SPHINX_CONNECT_TIMEOUT=30000 # sphinx connect timeout
export SPHINX_QUERY_INDEXES=index1,index2 # comma separated query indexes
export LOG_STORAGE_CAPACITY=1000 # log broadcasting service storage capacity (web terminal page)
export LOGBACK_PROGRAM=programName # logback program name
export LOGBACK_TCP_PORT=4713 # port for logback tcp adapter
export LOGBACK_UDP_PORT=4713 # port for logback udp adapter

Start server uber-jar:

java -jar ./srvlog-web/target/srvlog-embed-server.jar

Name		Name	Last commit message	Last commit date
Latest commit History 499 Commits
.mvn/wrapper		.mvn/wrapper
install		install
srvlog-it		srvlog-it
srvlog-service		srvlog-service
srvlog-sql		srvlog-sql
srvlog-web		srvlog-web
.gitignore		.gitignore
README.md		README.md
circle.yml		circle.yml
mvnw		mvnw
mvnw.cmd		mvnw.cmd
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

srvlog - Lightweight Logs Collector System.

Building and starting embedded srvlog jetty server

About

Releases 8

Packages

Contributors 7

Languages

payneteasy/srvlog

Folders and files

Latest commit

History

Repository files navigation

srvlog - Lightweight Logs Collector System.

Building and starting embedded srvlog jetty server

About

Resources

Stars

Watchers

Forks

Releases 8

Packages 0

Contributors 7

Languages

Packages