[syslog-ng] Blog post on ELSA

Martin Holste mcholste at gmail.com
Tue Mar 29 15:32:38 CEST 2011


Good call, done.

On Tue, Mar 29, 2011 at 2:27 AM, Fekete Robert <frobert at balabit.hu> wrote:
> Hi Martin,
>
> just a quick tip: include a link to your blog post on the project page. The post
> gives a nice overview of ELSA with some screenshots, which is what most people
> will be looking for, but is missing from the project page.
>
> Regards,
>
> Robert
>
> On 03/28/2011 10:26 PM, Martin Holste wrote:
>
>> I just put up an entry on my blog (http://ossectools.blogspot.com)
>> describing the Enterprise Log Search and Archive Project
>> (http://code.google.com/p/enterprise-log-search-and-archive) I've been
>> working on which uses Syslog-NG >= 3.1 and pattern-db at its core.
>> There are a lot of other open-source log collection frameworks out
>> there that are easier to install, such as Logzilla (php-syslog-ng),
>> but if you're trying to log > 1k messages/sec (common in large orgs)
>> and need something GPL licensed, installing ELSA will probably be
>> worth your while.  We're using it to index 15k messages/sec with basic
>> hardware.  It's currently storing tens of billions of logs, and
>> full-text, ad-hoc queries complete in about 1/2 to 2 seconds,
>> including group-by queries on arbitrary fields for reporting.  I put a
>> few screenshots and a feature list in the post.
>>
>> The documentation is pretty basic right now, but I'm happy to assist
>> if you run into issues.
>>
>> ELSA is also open to plugin creation, so if you find ELSA useful and
>> create plugins, please let me know and I can add them to the project.
>>
>> Also, patterns for the pattern-db are more than welcome!  I've
>> included patterns for Cisco FWSM connections and denies, Snort logs,
>> Windows logs from Eventlog-to-Syslog as well as Snare, and URLs from
>> my httpry wrapper, which is available on the project site as well as
>> in the tarball/source code.
>>
>> Comments and feedback are welcome!
>>
>> Thanks,
>>
>> Martin
>> ______________________________________________________________________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
>> FAQ: http://www.campin.net/syslog-ng/faq.html
>>
>>
>

