Hi all,

What is the best practice for storing all those logs in one central environment. I have one Linux Box running Syslog-NG with LogAnalyzer and MongoDB ( for now ), and is the best way to configure and use it with MongoDB or with MariaDB ( MySQL ) ? I have once install MySQL but it was getting very slow as the logs getting bigger and bigger ( for one week ).
Now i have done with MongoDB ( still testing ) but i have problem as LogAnalyzer does not show me the real pictures, i have no Date info, no Facility, no serverity, Hosts, syslogtag, i just have ProcessID.

Any hints on this ?

I have the following configuration on the syslog-ng.cfg:

destination d_mongodb {
    mongodb(
    servers("localhost:27017")
        database("logs")
#    uri('mongodb://localhost/syslog-ng')
    collection("syslog")
    value-pairs(
    scope("selected-macros" "nv-pairs" "sdata")
        )
            );
            };

Kind regards
Ivan