[syslog-ng] Coming from Graylog to Syslog-NG

Scheidler, Balázs balazs.scheidler at balabit.com
Wed Jul 27 14:52:31 CEST 2016


On Wed, Jul 27, 2016 at 2:31 PM, Noémi Ványi <sitbackandwait at gmail.com>
wrote:

> Hi,
>
>
>> 1) If I use Syslog-NG with a flat text file to receive 5000-6000
>> logs/sec, using a fast disk from my storage, do you recommend this
>> option to me???
>>
>
> The file destination of syslog-ng is capable of handling 5000-6000
> logs/sec. But if you have problems, you can open an issue on Github.
>

It should be possible to do 100k msg/sec or even more if you have templated
destination files (e.g. /var/log/${PROGRAM}.log). We have seen syslog-ng
chewing 500-600k msg/sec when writing to a distributed set of files.


>
>> 2) As an extra benefit, what is the best and simplest way to have a
>> graphical view of all the logs???
>>
>
> AFAIK there are no tools for visualizing logs in case of file destination.
> However, if logs could be forwarded using ElasticSearch destination, Kibana
> could be used to visualize logs. Also, if you configure a mongodb
> destination, you can use mojology (https://github.com/algernon/mojology).
>
>
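
The templated file destination mentioned in the reply, as an added syslog-ng.conf fragment that is not part of the original thread. The source, port, directory and object names are assumptions; because `${PROGRAM}` is read from the received message, the fragment filters it before it is used in a path.

```conf
# Fragment for syslog-ng.conf (added example; names, port and paths are assumptions).

source s_net {
    network(transport("tcp") port(514));
};

# ${PROGRAM} is taken from the received message, so the sender chooses it.
# Accept only plain program names before using the value in a file path.
filter f_plain_program {
    program("^[A-Za-z0-9_.-]+$");
};

# One file per program: writes are spread over many files.
destination d_per_program {
    file("/var/log/remote/${PROGRAM}.log"
         create-dirs(yes)
         time-reap(30));      # close files that were idle for 30 seconds
};

# Messages with any other program name go to a single catch-all file.
destination d_other {
    file("/var/log/remote/other.log");
};

log {
    source(s_net);
    filter(f_plain_program);
    destination(d_per_program);
    flags(final);             # matched messages stop here
};

log {
    source(s_net);
    destination(d_other);
};
```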