Re: Adiscon LogAnalyzer? rsyslog + mongodb?

To: debian-devel@lists.debian.org
Subject: Re: Adiscon LogAnalyzer? rsyslog + mongodb?
From: Florian Ernst <florian_ernst@gmx.net>
Date: Wed, 5 Mar 2014 09:09:31 +0100
Message-id: <[🔎] 20140305080931.GA7052@fernst.no-ip.org>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 5315E7F5.5050907@pocock.pro>
References: <[🔎] 5315E7F5.5050907@pocock.pro>

Hello all,

On Tue, Mar 04, 2014 at 03:49:25PM +0100, Daniel Pocock wrote:
> The rsyslog mongodb output module and the PHP mongodb modules are now in
> wheezy-backports.  This would appear to be sufficient to do something like:
> 
>     rsyslog => mongodb => loganalyzer
> 
> Has anybody else tried that or does anybody have any comments on it (or
> recommended alternatives)?

That actually did work for a time, but something broke starting with
rsyslog 7.4.0-1. Since then the format of the data dumped into mongodb
doesn't match what tools like loganalyzer expect, cf. #721277 / #728827.
As I was merely experimenting with it I didn't follow up any further.

We ended up using hadoop for some log analysis, but that's quite a
different framework for such a task and as such requires a copious
amount of study ... YMMV.

Cheers,
Flo

Reply to:

Follow-Ups:
- Re: Adiscon LogAnalyzer? rsyslog + mongodb?
  - From: Daniel Pocock <daniel@pocock.pro>

References:
- Adiscon LogAnalyzer? rsyslog + mongodb?
  - From: Daniel Pocock <daniel@pocock.pro>

Prev by Date: Bug#740806: ITP: python-oslo.vmware -- VMware library for OpenStack projects
Next by Date: Re: Bits from keyring-maint: Pushing keyring updates. Let us bury your old 1024D key!
Previous by thread: Re: Adiscon LogAnalyzer? rsyslog + mongodb?
Next by thread: Re: Adiscon LogAnalyzer? rsyslog + mongodb?
Index(es):
- Date
- Thread