[Reconnoiter-users] Log file collecting

Ask Bjørn Hansen ask at develooper.com
Sun Mar 27 14:11:19 EDT 2011

On Mar 27, 2011, at 11:03, Paul Nendick wrote:

> I'm going to add to Theo's list:
> - Graylog2 http://www.graylog2.org/
> - Splunk http://www.splunk.com/syslog
> - Loggly http://www.loggly.com/
> It's an interesting problem domain this one.

We use graylog2 for our syslogs (not that much data) and scribe for our application logs (more data).

In particular scribe has been very much "set it and forget it" (I almost logged into some systems to make sure we actually are using it because I don't remember it ever coming up related to any sort of problem/outage/...).

We have our applications log to scribe in JSON format with an appropriate channel name and then the logs get spit out into a couple of applications in the other end that aggregate/analyze, spit out data for munin and nagios (not for reconnoiter currently) and archive them in MogileFS.

