Hi
There is actually a free version of Splunk, with a few restrictions though (no access controls). But you can still handle up to 500MB of logs per day, and it's quite easy to install and configure.
The search engine seems to be quite powerful. We run it on a Debian system with 256MB RAM, have approx. 7'500'000 log entries on it, and a search for a host takes just a few secs.
Regards
Tobias
Olivier Beytrison wrote:
Hello,
Maybe have a look at Splunk. It's not free, but it seems to do what you're looking for.
I'd like to ask at the same time if anyone here is using it, because I am thinking about installing it on our network. So some feedback would be great.
www.splunk.com
Regards, Olivier B.
Marcel Prisi wrote:
Hi all,
I am looking for a good log centralisation / alerting / mining solution. I know about syslog-ng / rsyslog+phpLogCon, I'd like something more complete ...
Something with a bit of realtime analysis (regexp ?) and correlation ... and a nice interface where you could get some useful details fast ...
What solution do swinoggers use ??
Thanks !
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog