Looking for an open source component to collect telemetry from network devices + everywhere. Does it exist? Seems like I need separate systems for network and then OS-based and container based.
https://www.sdxcentral.com/articles/news/cisco-aims-for-full-stack-observability-with-opentelemetry/2023/05/
https://techblog.cisco.com/blog/getting-started-with-opentelemetry
https://www.cisco.com/c/en/us/solutions/collateral/enterprise/design-zone-security/telemetry-architecture-guide.html
Splunk does a free 14-day trial, might check it out but wanted something I could play with more long term.
Splunk is just a log aggregator with programmable search functions which allows one to create dashboards to make sense of the logged data.
It doesn't really collect anything from anywhere. I suppose one could use SNMP Get to collect data from network devices and put it into Splunk. Splunk charges by log volume, and Cisco ThousandEyes isn't cheap either; the Fed team, where I am, has been trying to set up ThousandEyes for months.
There are some other Splunk-ternatives like Elastic and Gravwell, I'd check those out. They aim themselves at beating Splunk on features and price.
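The question above is whether one open source agent can pull network-device, host and container telemetry together, and the reply's SNMP point is where that usually starts. The OpenTelemetry Collector (the component Cisco's links above are about) does this with one config and several receivers. The config below is an added illustration, not from the thread or from Cisco's guides: it assumes the opentelemetry-collector-contrib build with its snmp, hostmetrics and filelog receivers, and the device address, community string, OID, file paths and backend endpoint are placeholders. Verify the snmp receiver's field names against its current README before running it.

```yaml
receivers:
  # Network devices: poll an interface counter over SNMP (placeholder device).
  # v2c with a community string is shown only because it is the common starting
  # point; prefer SNMPv3 with authentication and privacy on real gear.
  snmp:
    collection_interval: 60s
    endpoint: udp://192.0.2.1:161
    version: v2c
    community: public
    metrics:
      ifInOctets:
        unit: By
        sum:
          aggregation: cumulative
          monotonic: true
          value_type: int
        scalar_oids:
          - oid: "1.3.6.1.2.1.2.2.1.10.1"   # IF-MIB ifInOctets, interface index 1
  # Hosts: CPU and memory scraped from the OS the collector runs on.
  hostmetrics:
    collection_interval: 60s
    scrapers:
      cpu:
      memory:
  # Logs: tail host and container log files (placeholder paths).
  filelog:
    include: [/var/log/syslog, /var/log/containers/*.log]

exporters:
  # Prints a summary to the collector's own log; useful while testing.
  debug:
    verbosity: basic
  # Forward everything to one backend over OTLP/gRPC (placeholder endpoint).
  otlp:
    endpoint: otel-backend.example:4317

service:
  pipelines:
    metrics:
      receivers: [snmp, hostmetrics]
      exporters: [otlp, debug]
    logs:
      receivers: [filelog]
      exporters: [otlp, debug]
```

Run it with `otelcol-contrib --config config.yaml`. The point is that the network side (SNMP polling), the OS side (hostmetrics) and the container side (filelog on the runtime's log directory) land in the same pipeline and the same backend, so the separate-systems problem from the original post is a matter of which receivers are enabled, not which product is bought. Which backend receives the OTLP stream (Elastic, Gravwell, Splunk or something else) is a separate decision.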
Thanks... I didn't want just another log aggregator unless there were smarts to actually do something with the data. I have a home lab, so even there it would be a lot of data for one person.
I had been looking at Salesforce's LogAI last weekend. Seems like it might be useful for doing something with that data, but I hit a couple of snags when I tried to load in a sample Windows log. First, you need to configure a .json to match the log sections (why can't the AI do that?), and second, probably because my .json was not exactly as required, the code was erroring out later on. It's only provided by Salesforce for research purposes; it's not a polished/finished product.
Azure has models available over API so might try those out. Should then be able to use Power BI for visualisation.
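The snag described above, a section config that has to match the log layout before anything downstream works, is worth seeing in miniature. The script below is an added example, not LogAI's code or its config format: it uses a hypothetical JSON field list (one regex per whitespace-separated field), three constructed Windows-Event-style log lines, and a deliberately mismatched copy of the config whose date pattern does not fit the sample. Unmatched lines are reported with their line numbers instead of being passed on to a later stage that then falls over.

```python
import json
import re

# Constructed sample: Windows Event Log style lines, not real data.
SAMPLE_LOG = """\
2024-01-15 08:01:12 Information Microsoft-Windows-Security-Auditing 4624 An account was successfully logged on.
2024-01-15 08:02:45 Warning Microsoft-Windows-Security-Auditing 4625 An account failed to log on.
2024-01-15 08:03:10 Information Service Control Manager 7036 The Windows Update service entered the running state.
"""

# Section config in the spirit of a "match on the log sections" JSON file
# (hypothetical format, not LogAI's): one regex per field, in line order.
# "source" is lazy so multi-word sources stop at the numeric event id.
FIELD_CONFIG_JSON = r"""
{
  "fields": [
    {"name": "timestamp", "pattern": "\\d{4}-\\d{2}-\\d{2} \\d{2}:\\d{2}:\\d{2}"},
    {"name": "level",     "pattern": "Information|Warning|Error"},
    {"name": "source",    "pattern": ".+?"},
    {"name": "event_id",  "pattern": "\\d+"},
    {"name": "message",   "pattern": ".*"}
  ]
}
"""

# Same config with a US-style date pattern that does not fit the sample:
# the small "not exactly as required" mismatch that breaks a later stage.
WRONG_CONFIG_JSON = FIELD_CONFIG_JSON.replace(
    r"\\d{4}-\\d{2}-\\d{2}", r"\\d{2}/\\d{2}/\\d{4}")


def compile_config(config_json):
    """Build one anchored regex from the field list; fields are separated by whitespace."""
    cfg = json.loads(config_json)
    parts = [f"(?P<{field['name']}>{field['pattern']})" for field in cfg["fields"]]
    return re.compile(r"^" + r"\s+".join(parts) + r"$")


def parse_log(text, config_json):
    """Return (records, unmatched).

    Lines the config does not match are collected with their line numbers
    rather than silently dropped or handed to a later stage half-parsed.
    """
    pattern = compile_config(config_json)
    records, unmatched = [], []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        match = pattern.match(line)
        if match:
            records.append(match.groupdict())
        else:
            unmatched.append((lineno, line))
    return records, unmatched


def count_by(records, field):
    """Minimal aggregate once fields are parsed, e.g. events per event id."""
    counts = {}
    for record in records:
        counts[record[field]] = counts.get(record[field], 0) + 1
    return counts


if __name__ == "__main__":
    recs, bad = parse_log(SAMPLE_LOG, FIELD_CONFIG_JSON)
    print(count_by(recs, "event_id"))  # {'4624': 1, '4625': 1, '7036': 1}
    recs, bad = parse_log(SAMPLE_LOG, WRONG_CONFIG_JSON)
    print(f"{len(bad)} lines did not match the config")  # 3 lines did not match the config
    for lineno, line in bad:
        print(f"  line {lineno}: {line[:40]}...")
```

The check that matters is the second run: with the wrong date pattern every line is reported as unmatched at parse time, which is the error you want to see, rather than an empty record set reaching an analysis step that then raises something unrelated. Whatever tool does the parsing, running the config against a handful of known lines first and looking at the unmatched count is the cheapest way to find out that the .json is not what the log needs.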