[syslog-ng] a bit [offtopic] but may not. syslog search solution for free

Robert Fekete (rfekete) Robert.Fekete at oneidentity.com
Tue Sep 17 07:49:24 UTC 2019


Hi Vlad,

You might want to add some requirements so others know what you are aiming at:
 - Are you looking for a self-hosted/on-prem solution, or would cloud solutions work?
 - What is the expected amount of log traffic?
 - Do you need commercial support? (Or why is ELK/ESK too expensive?)

Cheers,
Robert

________________________________________
From: syslog-ng <syslog-ng-bounces at lists.balabit.hu> on behalf of Pal, Laszlo <vlad at vlad.hu>
Sent: Tuesday, September 17, 2019 09:16
To: Syslog-ng users' and developers' mailing list
Subject: [syslog-ng] a bit [offtopic] but may not. syslog search solution for free

Hi,

Our new central syslog collect&store system is almost complete and finally it is based on Syslog-ng OSE. The only issue I want to solve is how to present those logs to the users. Originally I thought it would be enough if they get the directories as NFS exports and they can use their favourite grep to search files, but I thought maybe I can implement some more user-friendly solution.

In the planning phase of the project, I've tested various solutions including Graylog, ELK and of course I'm aware of the beauty of SSB :), but all of these solutions are too expensive for this project.

Then I thought maybe if I forward the logs to some database (SQL or noSQL) I can try to find some very simple frontend for that DB that provides a simple search interface for those logs. Nothing fancy is required, but AD auth should be an option.

I'm sure I'm not the only one facing this issue, so I hope someone in the community can share some previous experience on this.

Thanks
Vlad




