Solr's stats functions are great when analyzing logs if they are preprocessed.
> On Feb 21, 2022, at 4:26 PM, Joel Bernstein <joels...@gmail.com> wrote:
>
> We use Solr for logs analytics. There is a lot more power in Solr's math
> expressions than in Elastic's aggregations and Solr also has new root cause
> analysis and event correlation query. Here are some links:
>
> https://solr.apache.org/guide/8_11/math-expressions.html
> https://solr.apache.org/guide/8_11/logs.html
> http://joelsolr.blogspot.com/2021/02/driving-down-cloud-storage-costs-with.html
> https://solr.apache.org/guide/8_11/graph.html#temporal-graph-expressions
>
> Joel Bernstein
> http://joelsolr.blogspot.com/
>
>> On Mon, Feb 21, 2022 at 10:52 AM Z0ltrix <z0lt...@pm.me.invalid> wrote:
>>
>> No, we use a more general approach to collect all kinds of logfiles
>>
>> TailFile -> ExtractGrok -> JoltTransformJSON (make some transformation) ->
>> PutSolrRecord
>>
>> And we don't use NiFi directly, we use MiNiFi running on each machine. So
>> we can collect all kinds of logfiles from all kinds of applications.
>>
>> ------- Original Message -------
>>
>> Sam Lee <samlee...@yahoo.com.INVALID> wrote on Monday, February 21, 2022
>> at 16:35:
>>
>>>> Yes, Solr is suitable for this. We aggregate various logfiles from many
>>>> hosts with MiNiFi and send them line by line to Solr. Ingestion and
>>>> indexing is fine and you can query the logfiles just moments after
>>>> ingestion.
>>>
>>> Thank you for the idea. I have no experience with Apache NiFi at the
>>> moment. Is your Apache NiFi set up something like this?
>>>
>>> https://bryanbende.com/development/2015/05/17/collecting-logs-with-apache-nifi
>>>
>>> (ListenUDP -> MergeContent -> PutSolrContentStream).