nanog mailing list archives
Re: syslog server
From: Grant Ridder <shortdudey123 () gmail com>
Date: Tue, 7 Jun 2016 17:28:09 -0700
+1 for ELKK (with kafka)

Doing several hundred GB of log per day with a dozen instances on AWS (ES cluster + logstash hosts + kafka cluster)

-Grant

On Mon, Jun 6, 2016 at 11:25 PM, <Valdis.Kletnieks () vt edu> wrote:
> On Mon, 06 Jun 2016 14:59:51 -0600, Maximino Velazquez said:
>
> > What is the best syslog server (opensource)?
>
> Step 0: Define what "best" means in your environment. What features do you need? Routing to a central aggregation server over TLS? Powerful regex-based routing? Ingestion into a database (a la splunk or Elk) for data mining? Ability to deal with insanely high message rates? Other must-have or don't-care features? License pricing? Vendor support?
>
> Step 1: After figuring out what you need, make a matrix of the available options and how well they fit.
>
> (We have in production syslog-ng, rsyslog, splunk, Elk, and probably a few others I've forgotten, for different purposes....)