[syslog-ng] Coming from Graylog to Syslog-NG
Roberto Carna
robertocarna36 at gmail.com
Wed Jul 27 15:06:07 CEST 2016
Thanks Balazs, so I can grow up the received Logs/Sec without any
problem, using text files!!!
Regards,
2016-07-27 9:52 GMT-03:00 Scheidler, Balázs <balazs.scheidler at balabit.com>:
>
> On Wed, Jul 27, 2016 at 2:31 PM, Noémi Ványi <sitbackandwait at gmail.com>
> wrote:
>>
>> Hi,
>>
>>>
>>> 1) If I use Syslog-NG with a flat text file to receive 5000-6000
>>> logs/sec, using s fast disk from my storage, do you recommneded to me
>>> this option ???
>>
>>
>> The file destination of syslog-ng is capable of handling 5000-6000
>> logs/sec. But if you have problems, you can open an issue on Github.
>
>
> it should be possible to do 100k msg/sec or even more if you have templated
> destination files (e.g. /var/log/${PROGRAM}.log) we have seen syslog-ng
> chewing 500-600k msg/sec when writing to a distributed set of files.
>
>>
>>
>>> 2) As an extra benefit, what is the best and simple way to have a
>>> graphical view of all the logs ???
>>
>>
>> AFAIK there are no tools for visualizing logs in case of file destination.
>> However, if logs could be forwarded using ElasticSearch destination, Kibana
>> could be used to visualize logs. Also, if you configure a mongodb
>> destination, you can use mojology (https://github.com/algernon/mojology).
>>
>
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
More information about the syslog-ng
mailing list