[syslog-ng] syslog-ng as "shipper" into ELK stack
Alexandre Biancalana
biancalana at gmail.com
Sat Oct 4 01:01:53 CEST 2014
On Thu, Oct 2, 2014 at 9:33 PM, Jim Hendrick <jrhendri at roadrunner.com>
wrote:
> Hi,
>
> I am working on configuring Elasticsearch, Logstash & Kibana (ELK) to
> test it as a backend search tool for large volumes of logs.
>
> I decided to put Redis in front of Logstash as a "broker" for the
> incoming logs, and syslog-ng as the "shipper" so it looks like this:
>
> syslog-ng ==> redis ==> logstash ==> elasticsearch ==> apache ==> kibana
>
I've been using the following:
syslog-ng => rabbitmq => elasticsearch
syslog-ng + patterndb to parse logs and write them in json format on
rabbitmq, after that I just use elasticsearch amqp river to consume the
queue.
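
A syslog-ng configuration sketch of the syslog-ng => rabbitmq leg described in the reply above, added here as an illustration and not part of the original post or the poster's actual setup. The source definition, patterndb file path, broker address, exchange name and credentials are all assumed placeholders.

```conf
@version: 3.5

# Assumed source: local system logs plus syslog-ng's own messages.
source s_local {
    system();
    internal();
};

# db-parser() applies the patterndb rules; the file path is an assumption.
parser p_patterndb {
    db-parser(file("/var/lib/syslog-ng/patterndb.xml"));
};

# Publish every message to RabbitMQ with a JSON body.
# Host, exchange and credentials are placeholders, not values from the post.
destination d_rabbitmq {
    amqp(
        host("127.0.0.1")
        port(5672)
        vhost("/")
        exchange("syslog")
        exchange-type("fanout")
        routing-key("")
        username("CHANGE_ME")
        password("CHANGE_ME")
        persistent(yes)
        # nv-pairs carries the name-value pairs extracted by patterndb,
        # rfc5424 adds the standard syslog fields.
        body("$(format-json --scope rfc5424 --scope nv-pairs)")
    );
};

log {
    source(s_local);
    parser(p_patterndb);
    destination(d_rabbitmq);
};
```

The consumer side (the elasticsearch amqp river mentioned in the reply) would then read from a queue bound to the assumed `syslog` exchange.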