When I was searching for something similar, I read that syslog-ng plays well with https://code.google.com/p/enterprise-log-search-and-archive/ . They have how-tos and configs there specifically for that.
There is also Elasticsearch. Graylog2.
There are also simpler GUIs, but I doubt they will do great when searching through gigabytes of data.
If you try these, please share your experiences in using/configuring them compared to Splunk.
On 2013-11-18 18:20, Rafał Radecki wrote:
In GB, the paid license is an option ;)
2013/11/18 ignasr@vault13.lt ignasr@vault13.lt
On 2013.11.18 17:56, Rafał Radecki wrote:
Hi All.
I have an environment in which I would like to implement a GUI for parsing syslog-ng logs from operating system, application servers and databases. I've heard that Splunk is a good tool but it's quite hard to learn. Are there any valuable alternatives? What are you using and why?
Best regards,
Rafal.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Hello,
I do not think Splunk is hard. The only downside is that you have to pay money if you index more than 500MB of logs a day.
How many logs/day (in MB) are you expecting?
Ignas