I tried splunk too, but had major time issues with it importing my data.  I have 5+ GB of syslogs a day.

It's wonderful for the data that's in there and being able to search on it.  I just need a better way to get it into the database more efficiently.

Thoughts?

Chris


On 4/7/06, Paul Krizak <paul.krizak@amd.com> wrote:
Yeah it's very very nice.  It's still kinda buggy since it's a very new
piece of software, but the support folks are fantastic and they're
actively working to make things better.

The licenses are a bit expensive, though.

Paul Krizak                         5900 E. Ben White Blvd. MS 625
Advanced Micro Devices              Austin, TX  78741
Linux/Unix Systems Engineering      Phone: (512) 602-8775
Microprocessor Solutions Sector     Cell:  (512) 791-0686


Heigl Florian - Munich-MR - external wrote:
>> We're using Splunk ( http://www.splunk.com) as a visual
>> front-end to our
>> syslog data.
>
> Wow, compared to php-syslog this seems like ferrari and fiat.
> Are You still happy with it? I played around in their demo
> site and am really amazed by it.
>
> Florian
> _______________________________________________
> syslog-ng maillist  -  syslog-ng@lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>
>

_______________________________________________
syslog-ng maillist  -  syslog-ng@lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html