[syslog-ng] suggestions for a web frontend to syslog data

Paul Krizak paul.krizak at amd.com
Fri Apr 7 20:43:28 CEST 2006 

We're doing ~1.5GB/day with absolutely no performance problems at all. 
In fact the CPUs are around 80-90% idle when processing this amount of 
log data.  I'm using a FIFO to to direct the log data into splunk.  I 
found that the tailing processor and the directory monitor were both 
much slower than the FIFO at handling steady streams of log data.

Paul Krizak                         5900 E. Ben White Blvd. MS 625
Advanced Micro Devices              Austin, TX  78741
Linux/Unix Systems Engineering      Phone: (512) 602-8775
Microprocessor Solutions Sector


sawall wrote:
> I tried splunk too, but had major time issues with it importing my 
> data.  I have 5+ GB of syslogs a day.
> 
> It's wonderful for the data that's in there and being able to search on 
> it.  I just need a better way to get it into the database more efficiently.
> 
> Thoughts?
> 
> Chris
> 
> 
> On 4/7/06, *Paul Krizak* <paul.krizak at amd.com 
> <mailto:paul.krizak at amd.com>> wrote:
> 
>     Yeah it's very very nice.  It's still kinda buggy since it's a very new
>     piece of software, but the support folks are fantastic and they're
>     actively working to make things better.
> 
>     The licenses are a bit expensive, though.
> 
>     Paul Krizak                         5900 E. Ben White Blvd. MS 625
>     Advanced Micro Devices              Austin, TX  78741
>     Linux/Unix Systems Engineering      Phone: (512) 602-8775
>     Microprocessor Solutions Sector     Cell:  (512) 791-0686
> 
> 
>     Heigl Florian - Munich-MR - external wrote:
>      >> We're using Splunk ( http://www.splunk.com) as a visual
>      >> front-end to our
>      >> syslog data.
>      >
>      > Wow, compared to php-syslog this seems like ferrari and fiat.
>      > Are You still happy with it? I played around in their demo
>      > site and am really amazed by it.
>      >
>      > Florian
>      > _______________________________________________
>      > syslog-ng maillist  -  syslog-ng at lists.balabit.hu
>     <mailto:syslog-ng at lists.balabit.hu>
>      > https://lists.balabit.hu/mailman/listinfo/syslog-ng
>      > Frequently asked questions at
>     http://www.campin.net/syslog-ng/faq.html
>     <http://www.campin.net/syslog-ng/faq.html>
>      >
>      >
> 
>     _______________________________________________
>     syslog-ng maillist  -  syslog-ng at lists.balabit.hu
>     <mailto:syslog-ng at lists.balabit.hu>
>     https://lists.balabit.hu/mailman/listinfo/syslog-ng
>     Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> syslog-ng maillist  -  syslog-ng at lists.balabit.hu
> https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
>

More information about the syslog-ng mailing list