I have two demo instances installed, and it's very pretty, but I think it's much more feature-rich than what I need for the problem I'm trying to solve. I dont really need the alerting and monitoring features as much as just simple searching and filtering. I just dropped in phplogcon, and it's a very good fit for my immediate needs.
I do plan to talk to some technical folks at splunk in the next day or so to hash out what they think the appropriate architecture for the task at hand is. My biggest concern was the way splunk's documentation describes the hardware you need for even a small user load. Depending on the outcome, I may consider that for a longer-term solution that could be used by our operations group. Thanks for everyone's input. It's been very valuable. ~Paul > Have you tried Splunk yourself? My friends that have downloaded the > free demo have ended up finding the money for it. It is that good. > > Tom > > On Sun, Feb 28, 2010 at 8:32 PM, Paul DiSciascio <the...@bytemonkey.net> > wrote: >> I'm looking for a good way to share log files on a centralized syslog >> server with about 10-20 people/developers who are familiar with the log >> formats but not very much with unix tools. They want an easy way to dig >> thru the logs and filter out junk they're not interested in, but still >> have near realtime visibility. Obviously, splunk can do this, but it's >> pricey and their documentation seems to indicate that 20 concurrent >> users would be a lot to ask for without a lot of hardware. I really >> only need an interface capable of some rudimentary filtering, and if >> possible the ability to save those searches or filters. Does anyone >> have any suggestions short of writing this myself? >> >> Thanks, >> Paul >> _______________________________________________ >> Discuss mailing list >> Discuss@lopsa.org >> http://lopsa.org/cgi-bin/mailman/listinfo/discuss >> This list provided by the League of Professional System Administrators >> http://lopsa.org/ >> > > > > -- > http://EverythingSysadmin.com -- http://www.TomOnTime.com > Computer and network administrators... Spread the word! > LOPSA New Jersey Professional IT Community Conference > New Brunswick, NJ, May 7-8, 2010 -- http://picconf.org > _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
