A Linux administrator manages a distributed application running on numerous servers. To diagnose a problem, the administrator must connect to each server individually and manually review various log files to piece together the sequence of events. This approach is proving to be slow and inefficient. Which of the following strategies would BEST address this challenge?
Deploy a log aggregation solution to collect and consolidate logs from all servers into a central, searchable repository.
Configure a cron job on each server to email the contents of critical log files to the administrator.
Increase the log rotation frequency on all servers to ensure log files do not grow too large.
Enable SNMP on all servers and configure a central manager to receive traps for critical system events.
The correct answer is to deploy a log aggregation solution. Log aggregation is the process of collecting logs from multiple sources and consolidating them into a single, centralized location. This allows an administrator to search, analyze, and correlate events across the entire infrastructure from one interface, which directly solves the inefficiency of checking each server manually. Tools like Fluentd, Logstash, or services like Graylog and the ELK stack (Elasticsearch, Logstash, Kibana) are commonly used for this purpose.
Configuring SNMP to send traps is incorrect because SNMP is primarily a protocol for monitoring device health and status metrics, not for collecting high-volume, detailed log entries. While traps can alert on specific events, they are not designed to handle the full stream of logs needed for in-depth troubleshooting.
Using a cron job to email log files is an inefficient and non-scalable approach. It would flood the administrator's inbox, logs would not be available in real time, and searching across many email attachments would be extremely difficult.
Increasing the log rotation frequency addresses disk space management by archiving old logs more often. This is unrelated to the problem of centralizing logs for easier analysis and would not help the administrator correlate events across different servers.
CompTIA Linux+ XK0-006 (V8)
Troubleshooting