<div dir="ltr"><div dir="ltr"><div>I was considering HDFS but ultimately chose ES because of simplicity.  I too spent a while looking for a pre-packaged suite but most things are commercial.<br></div><div><br></div><div>I'd like to check this out sometime, just haven't had the opportunity - <a href="https://opendistro.github.io/for-elasticsearch/" target="_blank">https://opendistro.github.io/for-elasticsearch/</a><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 5, 2019 at 10:00 AM Czanik, Péter <<a href="mailto:peter.czanik@balabit.com" target="_blank">peter.czanik@balabit.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div>Hi,</div><div><br></div><div>Many syslog-ng users store logs to Elasticsearch and search/analyze them using Kibana. Personally I never tested, but should take a look at Elasticsearch-Hadoop if it solves your problem: <a href="https://www.elastic.co/products/hadoop" target="_blank">https://www.elastic.co/products/hadoop</a></div><div><br></div><div>Bye,<br></div><div><br></div><div><div><div dir="ltr" class="gmail-m_7590008140418043913gmail-m_4025848409927925934gmail_signature">Peter Czanik (CzP) <<a href="mailto:peter.czanik@balabit.com" target="_blank">peter.czanik@balabit.com</a>><br>Balabit (a OneIdentity company) / syslog-ng upstream<br><a href="https://syslog-ng.com/community/" target="_blank">https://syslog-ng.com/community/</a><br><a href="https://twitter.com/PCzanik" target="_blank">https://twitter.com/PCzanik</a></div></div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 5, 2019 at 3:50 PM Lee Keng Ket <<a href="mailto:kengket@gmail.com" target="_blank">kengket@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div>Hi,<div dir="auto"><br></div><div dir="auto">How about open source webGUI? Any recommendations? </div><div dir="auto"><br></div><div dir="auto">Thank you. </div><div dir="auto"><br></div><div dir="auto">Regards, </div><div dir="auto">KK </div><br><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, 5 Apr 2019, 20:56 Jim Hendrick, <<a href="mailto:james.r.hendrick@gmail.com" target="_blank">james.r.hendrick@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">It's not free - but you might look at the Syslog Store Box - <div><a href="https://www.syslog-ng.com/products/log-management-appliance/" rel="noreferrer" target="_blank">https://www.syslog-ng.com/products/log-management-appliance/</a><br></div><div><br></div><div>They have also done some cool stuff with a native splunk HEC destination in the professional edition of syslog-ng. Might look at using that and splunk for the front-end?</div><div><br></div><div>Jim</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Apr 5, 2019 at 2:38 AM Lee Keng Ket <<a href="mailto:kengket@gmail.com" rel="noreferrer" target="_blank">kengket@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div><div><div><div>Hi,<br><br></div>I'm looking for a WebGUI application for users to search for syslog, which the logs are stored by syslog-ng into HDFS.<br><br></div>Can you please share what WebGUI you're using?<br><br></div>I realize ElasticSearch with Kibana are the famous solution for this, however, I wish to store my syslog in HDFS.<br><br></div>Thank you.<br><br></div>Regards,<br></div>KK<br></div>
______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote></div>
______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote></div></div></div>
______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote></div>
______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" rel="noreferrer" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" rel="noreferrer" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" target="_blank">http://www.balabit.com/wiki/syslog-ng-faq</a><br>
<br>
</blockquote></div>