I’m pretty new to selfhosting, but one thing that I know to take seriously is log collection. Since there are a lot of different type of logs (kernel log, application logs, etc) and logs come in many different formats (binary, json, strings) - it’s no easy task to collect them centrally and look through them whenever neccessarly.
I’ve looked at grafana and tried the agent briefly, but it wasn’t as easy as I thought (and it might be a too big tool for my needs). So I thought to ask the linuxlemmy community to get some inspiration.
Everything’s running on either podman or systemd so all my logs end up in journald.
CrowdSec is configured to look into journald even for the containers (via the CONTAINER_NAME filter). Other than that I don’t have any automatic log parsing set up.
When they end up getting bit I just run
sudo journalctl --vacuum-size=100M --rotateand call it a day.