We use Solr for log analytics. There is a lot more power in Solr's math expressions than in Elastic's aggregations, and Solr also has new root cause analysis and event correlation query. Here are some links:
https://solr.apache.org/guide/8_11/math-expressions.html
https://solr.apache.org/guide/8_11/logs.html
http://joelsolr.blogspot.com/2021/02/driving-down-cloud-storage-costs-with.html
https://solr.apache.org/guide/8_11/graph.html#temporal-graph-expressions

Joel Bernstein
http://joelsolr.blogspot.com/

On Mon, Feb 21, 2022 at 10:52 AM Z0ltrix <z0lt...@pm.me.invalid> wrote:

> No, we use a more general approach to collect all kinds of logfiles
>
> TailFile -> ExtractGrok -> JoltTransformJSON (make some transformation) ->
> PutSolrRecord
>
> And we don't use Nifi directly, we use Minifi running on each machine. So
> we can collect all kinds of logfiles from all kinds of applications.
>
> ------- Original Message -------
>
> Sam Lee <samlee...@yahoo.com.INVALID> wrote on Monday, February 21, 2022
> at 16:35:
>
> > > yes solr is suitable for this. We aggregate various logfiles from many
> > > hosts with minifi and send them line by line to solr. Ingestion and
> > > indexing is fine and you can query the logfiles just moments after
> > > ingestion.
> >
> > Thank you for the idea. I have no experience with Apache NiFi at the
> > moment. Is your Apache NiFi set up something like this?
> >
> > https://bryanbende.com/development/2015/05/17/collecting-logs-with-apache-nifi
> > (ListenUDP -> MergeContent -> PutSolrContentStream).