<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body ><div>Thanks. Why rabbitmq instead of redis? Is it faster, or does it offer some additional functions? </div><div><br></div><div>Jim</div><div><br></div><div><br></div><br><br>-------- Original message --------<br>From: Alexandre Biancalana &lt;biancalana@gmail.com&gt; <br>Date: 10/03/2014 7:01 PM (GMT-05:00) <br>To: Syslog-ng users' and developers' mailing list &lt;syslog-ng@lists.balabit.hu&gt; <br>Subject: Re: [syslog-ng] syslog-ng as "shipper" into ELK stack <br><br><div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Oct 2, 2014 at 9:33 PM, Jim Hendrick <span dir="ltr">&lt;<a href="mailto:jrhendri@roadrunner.com" target="_blank">jrhendri@roadrunner.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br>
<br>
I am working on configuring Elasticsearch, Logstash & Kibana (ELK) to<br>
test it as a backend search tool for large volumes of logs.<br>
<br>
I decided to put Redis in front of Logstash as a "broker" for the<br>
incoming logs, and syslog-ng as the "shipper" so it looks like this:<br>
<br>
syslog-ng ==> redis ==> logstash ==> elasticsearch ==> apache ==> kibana<br></blockquote><div><br></div><div>I've been using the following:<br><br>syslog-ng => rabbitmq => elasticsearch<br><br></div><div>syslog-ng + patterndb to parse logs and write them in JSON format to rabbitmq; after that I just use the elasticsearch amqp river to consume the queue.<br></div></div><br></div></div>
</body>