Monitoring tool for logs aggregation and alerting
Project description
About
Snooze is a powerful monitoring tool used for log aggregation and alerting. It comes with the following features:
- Backend + Web interface
- Local / LDAP / JWT token based authentication
- Built-in clustering for scalability
- Large number of sources as inputs
- Log aggregation
- Log manipulation
- Log archiving
- Alerting policies
- Various alerting methods
- Auto housekeeping
- Metrics
Try it now on: https://try.snoozeweb.net
Installation
Installation on CentOS/RHEL
$ wget https://rpm.snoozeweb.net -O snooze-server-latest.rpm
$ sudo yum localinstall snooze-server-latest.rpm
$ sudo systemctl start snooze-server
Installation on Ubuntu/Debian
$ wget https://deb.snoozeweb.net -O snooze-server-latest.deb
$ sudo apt install snooze-server-latest.deb
$ sudo systemctl start snooze-server
Web interface URL: http://localhost:5200
If create_root_user in /etc/snooze/core.yaml has not been set to false, the login credentials are root:root.
Otherwise, if Snooze Client is installed, it is always possible to generate a root token that can be used with the JWT token authentication method:
$ snooze root-token
# Run with root or snooze user
Root token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjp7Im...
Recommendations
By default, Snooze uses a single file to store its database and can therefore run out of the box without any additional configuration or dependency. While this implementation is convenient for testing purposes, it is strongly recommended to switch the database configuration to MongoDB.
Docker
$ docker run --name snoozeweb -d -p <port>:5200 snoozeweb/snooze
Then the Web interface should be available at this URL:
http://<docker>:<port>
The Snoozeweb Docker image can be run without any backend database (it defaults to a file-based DB), but if one is needed:
$ docker run --name snooze-db -d mongo
Then
$ export DATABASE_URL=mongodb://db:27017/snooze
$ docker run --name snoozeweb -e DATABASE_URL=$DATABASE_URL --link snooze-db:db \
-d -p <port>:5200 snoozeweb/snooze
Configuration
The only configuration file not managed in the web interface is /etc/snooze/core.yaml. Changing it requires restarting Snooze.
/etc/snooze/core.yaml
- listen_addr ('0.0.0.0'): IPv4 address on which the Snooze process listens
- port (5200): Port on which the Snooze process listens
- debug (false): Activate debug log output
- bootstrap_db (true): Populate the database with an initial configuration
- create_root_user (true): Create a root user with a default password root
- no_login (false): Disable authentication (everyone has admin privileges)
- ssl
  - enabled (false): Enable TLS termination for both the API and the web interface
  - certfile (''): Path to the SSL certificate
  - keyfile (''): Path to the private key
- web
  - enabled (true): Enable the web interface
  - path (/opt/snooze/web): Path to the web interface dist files
- clustering
  - enabled (false): Enable clustering mode
  - members: List of snooze servers in the cluster {host, port}
    - host (localhost): Hostname or IPv4 address of the first member
    - port (5200): Port on which the first member listens
- database
  - type (file): Backend database to use (file or mongo)
Example for MongoDB backend with database replication enabled:
database:
  type: mongo
  host:
    - hostA
    - hostB
    - hostC
  port: 27017
  username: snooze
  password: 7dg9khqg1w6
  authSource: snooze
  replicaSet: rs0
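The following check is an added example, not code from the Snooze project: it overlays a parsed core.yaml on the defaults listed above and reports the settings that leave a deployment weak (default root:root user, no_login, TLS off, file database). The names DEFAULTS, effective, audit and SAMPLE are hypothetical, and reading the file assumes PyYAML is installed.

```python
# Defaults copied from the core.yaml option list on this page.
DEFAULTS = {
    "listen_addr": "0.0.0.0",
    "create_root_user": True,
    "no_login": False,
    "ssl": {"enabled": False, "certfile": "", "keyfile": ""},
    "database": {"type": "file"},
}

def effective(cfg):
    """Overlay a parsed core.yaml mapping on the documented defaults."""
    out = {}
    for key, default in DEFAULTS.items():
        value = (cfg or {}).get(key, default)
        if isinstance(default, dict):
            value = {**default, **(value or {})}
        out[key] = value
    return out

def audit(cfg):
    """Return (key, finding) pairs for settings that weaken a deployment."""
    c, findings = effective(cfg), []
    ssl = c["ssl"]
    if c["no_login"]:
        findings.append(("no_login", "authentication disabled, everyone is admin"))
    if c["create_root_user"]:
        findings.append(("create_root_user", "root user created with password root"))
    if not ssl["enabled"]:
        findings.append(("ssl.enabled", "API and web interface served without TLS"))
        if not str(c["listen_addr"]).startswith("127."):
            findings.append(("listen_addr", "cleartext listener reachable off-host"))
    elif not (ssl["certfile"] and ssl["keyfile"]):
        findings.append(("ssl", "TLS enabled but certfile or keyfile is empty"))
    if c["database"]["type"] == "file":
        findings.append(("database.type", "file backend; MongoDB is recommended"))
    return findings

# Constructed sample: a file that only switches the backend to MongoDB.
SAMPLE = {"database": {"type": "mongo", "host": ["hostA"], "port": 27017}}

if __name__ == "__main__":
    import sys, yaml  # PyYAML is an assumption, not a dependency stated here
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/snooze/core.yaml"
    with open(path) as fh:
        results = audit(yaml.safe_load(fh))
    for key, message in results:
        print(f"{key}: {message}")
    sys.exit(1 if results else 0)
```

Run as the snooze user or root so the file is readable; a non-zero exit status means at least one finding.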
Documentation
License
Snooze - Log aggregation and alerting
Copyright 2018-2021 Florian Dematraz, Guillaume Ludinard
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Hashes for snooze_server-1.0.13-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 8b09180f434f94071de0684c8fe9e1724848904c6d69a49c0b47c9698e4296dd
MD5 | 670f7104f3139f33eb6f6486beddb3a6
BLAKE2b-256 | 352a7643810f674bc46aeb8cf1db580dbc8c2dce0db68375738a43b42681e24b