[syslog-ng] Blog post on ELSA
Fekete Robert
frobert at balabit.hu
Tue Mar 29 09:27:42 CEST 2011
Hi Martin,
just a quick tip: include a link to your blog post on the project page. The post
gives a nice overview of ELSA with some screenshots, which is what most people
will be looking for, but is missing from the project page.
Regards,
Robert
On 03/28/2011 10:26 PM, Martin Holste wrote:
> I just put up an entry on my blog (http://ossectools.blogspot.com)
> describing the Enterprise Log Search and Archive Project
> (http://code.google.com/p/enterprise-log-search-and-archive) I've been
> working on which uses Syslog-NG >= 3.1 and pattern-db at its core.
> There are a lot of other open-source log collection frameworks out
> there that are easier to install, such as Logzilla (php-syslog-ng),
> but if you're trying to log > 1k messages/sec (common in large orgs)
> and need something GPL licensed, installing ELSA will probably be
> worth your while. We're using it to index 15k messages/sec with basic
> hardware. It's currently storing tens of billions of logs, and
> full-text, ad-hoc queries complete in about 1/2 to 2 seconds,
> including group-by queries on arbitrary fields for reporting. I put a
> few screenshots and a feature list in the post.
>
> The documentation is pretty basic right now, but I'm happy to assist
> if you run into issues.
>
> ELSA is also open to plugin creation, so if you find ELSA useful and
> create plugins, please let me know and I can add them to the project.
>
> Also, patterns for the pattern-db are more than welcome! I've
> included patterns for Cisco FWSM connections and denies, Snort logs,
> Windows logs from Eventlog-to-Syslog as well as Snare, and URLs from
> my httpry wrapper, which is available on the project site as well as
> in the tarball/source code.
>
> Comments and feedback are welcome!
>
> Thanks,
>
> Martin
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html