Sunday, May 29, 2011

Logstash: A Free/Open Source alternative to Splunk

Today I came across a wonderful presentation on logstash, an open source log archiver and analyzer that uses ElasticSearch to index and search log data.

What makes it interesting is its very good support for collecting events from different sources such as log files, syslog, sockets and message queues (MQ). It lets you apply different filters to those events and stores the resulting index in ElasticSearch.

The use of ElasticSearch is interesting because it indexes and reads data as JSON and provides an easy way to search and visualize log data. ElasticSearch can scale better than Solr and is ready for the cloud.
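A minimal pipeline of the kind described above (inputs, filters, ElasticSearch output), added here as an illustration; it is not taken from the presentation or from the logstash project, and the file path, listening port and ElasticSearch host are assumed placeholder values:

```conf
# Added example: one logstash pipeline, inputs -> filters -> output.
# Paths, the port and the ElasticSearch host are assumed placeholders.
input {
  # Tail a local log file; each new line becomes an event
  file {
    path => "/var/log/auth.log"
    type => "authlog"
  }
  # Receive syslog from other hosts on an unprivileged port;
  # this input already splits the packet into syslog fields
  syslog {
    port => 5514
    type => "syslog"
  }
}

filter {
  # Only the raw file lines still need parsing
  if [type] == "authlog" {
    # Break the line into timestamp, host, program, pid and message.
    # Lines grok cannot parse are tagged _grokparsefailure and still indexed,
    # so nothing is silently dropped.
    grok {
      match => { "message" => "%{SYSLOGLINE}" }
      overwrite => [ "message" ]
    }
    # Use the timestamp written in the log line as the event time, so
    # searches reflect when something happened, not when it was indexed
    date {
      match => [ "timestamp", "MMM dd HH:mm:ss", "MMM  d HH:mm:ss" ]
    }
  }
}

output {
  # Events are stored as JSON documents, one daily index per day
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "logstash-%{+YYYY.MM.dd}"
  }
}
```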

This is a compelling package and offers a credible alternative to Splunk.

The logstash project URL is this.

2 comments:

Anonymous said...

Check f-deets, a similar tool.

S Wilks said...

If you want an easy-to-install system, you could try Nagios Log Server, which uses logstash and Elasticsearch but has GUI configuration management, alerting and more. On top of that, it comes with authentication, which is missing in elasticsearch/logstash.