Date: Thu, 16 Feb 2006 08:44:11 -0800 From: Kurt Buff <kurt.buff@gmail.com> To: Ashley Moran <ashley.moran@codeweavers.net> Cc: freebsd-questions@freebsd.org Subject: Re: Log analysis server suggestions? Message-ID: <43F4ABDB.7090009@gmail.com> In-Reply-To: <200602161418.32982.ashley.moran@codeweavers.net> References: <200602161418.32982.ashley.moran@codeweavers.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ashley Moran wrote: > Until recently I had a server running syslog-ng set to archive all logs into > server/year/month/day/ directories. Now the server is running in amd64, > we've lost our hi-res scrolling display so I want to look at a better log > watching system. > > I've read about logging to a database. I quite like the idea of storing our > logs in PostgreSQL (I don't like MySQL and don't want to get involved in > administering a second database). I know I can log to a PG database quite > easily, but I don't know how I can get the data back out without writing > manual queries. > > Here is what I need: > > - Logs stored for the last 6 months or so, and easily searchable > - Live log watching > - Log analysis > > I might try swatch for the live log watching as this is not affected by the > choice of log storage and seems the best tool for the job. > > As for searching / analysis, I've seen php-syslog-ng > ( http://www.vermeer.org/projects/php-syslog-ng ), which looks very basic, > and phpLogCon ( http://www.phplogcon.com/ ), which does not support PG > anyway. Is there anything better GUI-wise? > > Maybe I am best keeping the logs in text files for now, and spending more time > on swatch. > > Any thoughts? > > Cheers > Ashley http://www.loganalysis.org, and the related listserv might be well worth your time...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43F4ABDB.7090009>