Are there any nice tools for doing a 'tail -f' on a remote (linux) server? It would be nice to be able to do something like "taillog server_host /var/log/syslog" to view logs on various servers without having to ssh in.
How about an app that shows multiple logs side-by-side?
If the log files are being generated on the client server via the
syslogfacility then the best way is to setup the clients syslog daemon to forward those logs to a seperate host. For example, if I have an internal namesyslog.privatewhich points to the remote server that I want to receive the log entries. I can add the following line to the/etc/syslog.confon the client server.and then restart the syslog daemon on the client
This will cause every entry that passes through the clients syslog to be sent across the wire to
syslog.privateand if that machine is configured correctly, the entries will be available there as well. In RedHat systems this is controlled by the/etc/sysconfig/syslogfile. Make sure the-roption is presentand then restart the syslog daemon on the receiving server.
You can also control what is forwarded to the remote server by adding exclusions, see the example below
Which says forward everything to
syslog.privatewith the exception of anything sent to themailfacility.If this solution works out for you, you may consider one of the alternate syslog implementations like rsyslog, or syslog-ng, which provide extra logging and storage options.
If you setup key-based ssh authentication and sudo on the remote hosts on the remote hosts to allow running tail against the log files without password prompting. It would be pretty easy to build a taillog script that does what you want like below. This doesn't really avoid ssh, but it does save you a couple steps.
Or, you could setup syslog to forward all the log messages to a central system and then run your tail command on the syslog server. Just watch the log files on the central system.
I would highly recommend multitail for advanced log viewing. Self described as tail on steroids.
This is clearly not answering your question, but if you have more than a few logs to watch, and less than the free edition limit, you can try Splunk for free to have a nice interface and useful to all your logging data.
tail -fdoes support more than one log, but not side by side, only downwards.Multitail will do what you're after on the local machine. It does not specifically mention if it will work across a network, although there are several ways to work around that (NFS mounts, SMB mounts, etc.) It also says it will work as a syslog server, which implies that it might be able to receive active data from another machine's syslog, although I have never used that feature and don't know if that's the case.
I'm using OtrosLogViewer (apache commons license). It supports tailing log from remote servers using ssh/sftp and samba/CIFS. You can tail multiply log files into one window. Here is a screenshot:
I wrote vsConsole for exactly this purpose - easy access to log files (sshing and file permissions are always a problem) - and then added app monitoring and version tracking. I would like to know what you think of it. http://vs-console.appspot.com/
This is meant to be an easy, low learning curve, one click solution solving common development problems I've always needed a simple solution for.
You could use something like Phplogcon. I use rsyslog with mysql and send all logs from my other servers to it. Phplogcon then displays them through the use of a web application.
It's not the best looking interface but it's a nice way for admins to access logs without exposing the servers to unnecessary remote logins.
You can also use Octopussy (my project) to centralize your logs, view and generate alerts and reports.
Already mentioned, but worth mentioning again. SPLUNK!
I've had the pleasure of building big central syslog setups with a nice gui in the past. It's a world of pain. Splunk makes it a doddle, especially with an enterprise license tha give you central managment. If your logs are under 500M a day, it's free. If not, it can get very expensive, but it is worth it and not just for a little bit of logging - you can do a lot more. I'd usually advocate open source apps, but Splunk beats anything I've come across.