[syslog-ng] mojology: syslog-ng and mongodb meet the web

Gergely Nagy algernon at balabit.hu
Sat Jan 8 22:34:33 CET 2011 

Hi!

During the past couple of nights, I was busy coming up with something
that would showcase the power of syslog-ng combined with the mongodb
destination, and that is how mojology was born:

  http://mojology.madhouse-project.org/
   source available @ https://github.com/algernon/mojology

To sum it up: it's a web based log browser, a reasonably simple one: one
can't search, or do advanced filtering (yet!), only a few basic stuff.

The interesting part comes from the fact that the logs it displays are
stored in mongodb, a document store, and as such, the structure of them
is very, very flexible. Although, the application does make a few
assumptions (see the about page or the readme in the sources), it still
retains a lot of flexibility.

Without going into the gory details (that's what the source is for ;),
let me show you a few interesting pages!

Examples
--------

* http://mojology.madhouse-project.org/log/4d28cd01f310ef4f00000024

This one was originally made with the following command: 
  logger -i -t hi 'Hello World! This concludes our demo session."

Then I went into the MongoDB shell and added a few other keys below the
"dyn" sub-document, alongside the default "classifier" (courtesy of
patterndb).

As you can see, no matter how deep one nests, it still displays
properly. It's also easy to query, even at such depths.

* http://mojology.madhouse-project.org/log/4d28cba4f310ef4f0000001e

Logging in from one computer to my desktop, using password
authentication. This entry was made fully automatically.

Other notes
-----------

The database behind the demo application is fairly small, only 39
messages stored, but hey, it's a demo!

The program itself is a little over a hundred lines of python +
templates; built upon Flask & PyMongo.

For the best experience, a recent browser is strongly advised: Chromium
6+, Firefox 4+ for best results; Firefox 3 works very well too, but some
of the tiny cosmetic features do not; the site displays in IE7+ too, and
can be used, but the experience is rather disappointing.

I hope this little weekend hack helps demonstrate how flexible mongodb
can be for logging, and how well syslog-ng can make use of that
flexibility.

-- 
|8]

More information about the syslog-ng mailing list