[syslog-ng] Sequence – making PatternDB creation for syslog-ng easier

Peter Czanik (pczanik) Peter.Czanik at oneidentity.com
Tue Nov 9 12:19:54 UTC 2021


I try not to spam the mailing list about each of my blogs separately. However, with all its problems, I love syslog-ng's PatternDB technology for message parsing. Thanks to the hard work of Fabien Wernli and his colleagues, creating patterns for PatternDB just became a whole lot easier!

"We are well into the 21st century, but most of the log messages still arrive in an unstructured format. For well over a decade, syslog-ng had a solution to turn unstructured messages into name-value pairs, called PatternDB. However, creating a pattern database for PatternDB from scratch is a source of major pain. Or rather, it was: sequence-rtg – a fork of the sequence log analyzer – provides a new hope! It can easily create ready-to-use patterns for your most frequent log messages.

Sequence-rtg is still in beta phase, and therefore is a bit rough around the edges. However, once you deal with the initial struggles of creating the database, it works just fine. Especially if you have lots of log messages. My experience was that the more log messages and larger batch sizes I had, the better quality patterns were generated."

Read my blog at https://www.syslog-ng.com/community/b/blog/posts/sequence-making-patterndb-creation-for-syslog-ng-easier


Peter Czanik (CzP) <peter.czanik at oneidentity.com>
Balabit (a OneIdentity company) / syslog-ng upstream
