If you manage Linux servers long enough, you eventually hit this moment: Server is slow… users are shouting… and logs are everywhere. /var/log/messages /var/log/secure /var/log/nginx/access.log /var/log/nginx/error.log /var/log/mysql/error.log /var/log/audit/audit.log /app/logs/*.log /docker/containers/*/*.log So what do you do? You SSH into the box and start the ancient ritual: [root@siddhesh ~]# tail -f /var/log/messages [root@siddhesh ~]# tail -f /var/log/nginx/error.log

In some circumstances, we may need to parse MySQL data to other security compliance appliances such as SIEM or a database such as...