Today I discovered "lnav"or the Log Navigator cli utility. It is a truly awesome log follower and navigator for the terminal which works beautifully with PostgreSQL log files.
#postgres #postgresql #debugging #sql #plpgsql #lnav #logs #logging #rdbms #system #administration
Vector 0.46.0 now includes a #Postgres sink!
It's time to send my logs to TimescaleDB 
An alternative to pflogsumm, depending on your needs 
Read more in the latest blog post by our Co-founder - Aliaksandr Valialkin, and try it out for yourself:
A few reasons why we say that #VictoriaLogs is a great solution for log management:
Easy to configure and manage.
Production setup doesn’t need #S3-compatible storage.
Doesn’t break already existing configs in new releases, so the upgrade path is very simple.
Supports high-cardinality #log fields such as user_id, trace_id and ip, out of the box.
Provides fast full-text search over plaintext #logs.
Which #logging system do you prefer for managing logs in #Kubernetes?
Have you ever seen a #LogRotate library that doesn't *perform* the actions itself, but just tells you what it *would* do, given some hypothetical input set of files?
I'm trying to do log rotation (well, #backup rotation) over #SFTP, and whilst I can script some dumb rotation scheme, it'd be lovely to lean on some properly tested code instead! #logs #logging #logrotation #backups
Guide to Interpreting Security Incident #Announcements:
"extremely sophisticated attack" : The attackers put more time into the attack than we spent designing our defences.
"no evidence customer #data was accessed" : We lack audit records and the logs have been rotated out.
"due to a misconfiguration issue" : We deployed with default #insecure settings.
"possible for only a short window" : We didn't dig too deep to determine how far back the bug existed.
"crafted invalid request data" : We forgot to add input #validation.
"supplementary fix" : We didn't understand the problem as well as we thought, so our previous fix was insufficient.
"may have been exploited" : We're positive they got away with data, but they deleted our #logs.
"multiple threat actors" : Everyone was in our systems before we noticed.
"most customers are unaffected" : There are corner cases that aren't as #vulnerable.
"error in a third-party component" : We forgot to update our dependencies.
"could lead to remote code execution" : You're #p0wned.
"malicious activity has been observed" : The issue has already appeared in the press.
"review equipment inventory to verify if devices require other mitigations" : You need to buy new stuff.
"remotely exploited to allow authentication bypass" : We forgot to require #login for this function.
"not aware of any exploits in the wild" : The attackers aren't bragging on darkweb fora yet.
Still using journalctl(1) for browsing logs?
Check out this TUI instead 
**journalview**: View, filter, and navigate system logs from journalctl.
Supports custom filters, searching & more!
Written in Rust & built with @ratatui_rs
Linux System Logs Explained: How to Read and Analyze Logs Like a Pro #Linux #Logs #Linuxcommands #Linuxhowto #Linuxbasics #Linuxadministration
https://ostechnix.com/understanding-linux-system-logs/
#FriendlyReminder for people using #pfBlockerNG on #pfSense / #OPNsense or any other #FreeBSD-based #Firewall|ing-#distro:
Clean up ´´´/var/log/pfblockerng´´´ regularly, or else it'll fill up with disrespectful quickness depending on your setup.
Dans les enquêtes en sources ouvertes, il suffit parfois d'un peu d'imagination pour dénicher des informations ultra sensibles : https://www.radiofrance.fr/franceculture/podcasts/recits-d-enquete/revelations-strava-comment-le-monde-a-traque-emmanuel-macron-joe-biden-et-vladimir-poutine-3400348
Hier, avec @pyaillet on a animé une ZenBox sur l'observabilité chez un client.
> Une Zenbox, c'est l'occasion de s'initier à un sujet ou de faire sa veille facilement au côté d'experts.
Une heure de conférence interne entre formation (plus long) et similaire à un BBL (Brown Bag Lunch).
Des exemples des sujets sur : https://training.zenika.com/en-fr/talks
Bonne découverte du matin : ne trouvant pas les logs d'un environment sur grafana (avec loki derrière), je suis aller les lire dans argocd, et là je me rend compte qu'on peut lire les logs des pods associés à un déploiement, avec une petite pastille colorée pour chaque pod
Image piquée sur https://blog.argoproj.io/argo-cd-v2-0-rc1-is-here-f7d21ff1aa64
GitHub: 
